Boy, talk about fixing what isn't broken
The existing RFC creation/ratification process works so much better than other structures I can't see a reason to tinker with it whatsoever. It's a weirdly beautiful compromise that slices thru B.S. and gets things that work, for a *really long time* (so far: forever) into play fast. Boy. Whatever

regards to all, Dan

___
Ietf mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/ietf
[Ietf] TLDs a thing not to do
Karl A said: Anybody who wants a new TLD should have to pledge allegiance to the end-to-end principle (i.e. no new sitefinders) and promise to adhere to applicable internet technical standards and practices.

Dan K says: The idea of harvesting bad DNS accesses as a business plan never occurred to me until I saw it done. Not a really obvious thing. Anyway, static, a little dynamic, or real time reconfigurable... DNS URLs should for sure regard this end-to-end thing seriously. Problem is, creativity can probably generate a lot of border cases, partially legit dynamic reallocations. Obviously, the idea the people involved are the arbiters is the real test. It would be interesting if somebody (ex. grad student working on a Masters in economics) would try to root thru the DNS issues from first principles. As an example, I read the Japanese TLD doesn't recycle domain names. When illegitimate, they get parked forever? Anyway, reducing the incentive to cyber squatting, without needing a quasi-judicial system... that sort of thing; would be interesting as a thesis or three. But, well, I do think a .XXX one that's expensive (pun intended), like sin, would be useful. Of course, if the uptake rate was lousy... that would prove a lot. It's occurred to me multiplying TLDs has this odd divide by N issue to it. If you have X.foo you often want X.bar as well. So, if the DNS forced each fixed IP to be bound only to zero or one DNS, this would allow TLDs to be added with less moaning. Interesting.

Dan
Patents? we don't need no stinking Patents!
Dean Anderson said, and is While finding prior art is hard problem in any field, it would be helpful if the Patent Office hired more experts in the fields that they offer patents in, and in particular, more computer scientists.

Dan says: In the above, a chemist would substitute Chemist for computer scientist, a Mechanical engineer the same. Obviously, the patent inspectors know there is probably public domain material, but it doesn't seem like they have a reasonable access to it. The review process looks degrading to the patent inspector if the applicant goes over their head in their internal appeals process. So it's easier to grant it. Plus, the funding, as per much of federal funding U.S. policies, is stupid. The fees don't go for the work done. { long story }. So, no matter how much the application costs (medium costly, depends on # of claims, mostly), no inspector gets a leisurely trip down to Walmart to see about a shelf full of prior art.

Dean says: Such patents as this are clearly mistakes, and are frequently overturned on review.

Dan says: As a reality check I just walked over to a desk here and touched an object recently contested in a Patent battle. *any* trip to a flea market could fill a pickup truck of goods built before 1940 that show the patent is at least partially invalid. (some claims... stink). But, the Grantee won. Why? It's cheaper to be right and lose, then pay a license fee... than be right and win.

Dean says: if you file right before product release, and that product catches on. 18 months is a long time for software. 30 months, and you are into lifecycle maturity. You've already made commitments to using the software. Now you have to pay whatever they want to charge. If the patent is solid, there is no way out, not even for OJ or MJ, or BG for that matter.

Dan says: The general principle is built on pain and suffering. The trick is, (like Sam Ting said about how to win Nobel prizes: I think you should be first, and be right).
Interference is super complicated, when they actually overlap like you described. I think if I remember correctly, it happens in about 5% of the cases, so it's a lot. No doubt, it's a pipeline, so one begins to wonder what public interest is served with long delays... I can't think of any. A usual way to deal with the reality is to use the granted one as a citation, make a trivial improvement, and now you have reset the clock 2 years or so. Of course, if there are real damages, all this is retroactive, plus often a bonus multiplier of 1:3 for being an evil-doer, so it's a financial burden.

Dean says: But anything halfway novel, and new. Well, that is another story: Patent it or someone else will.

Dan says: What is Obvious to one practised in the art; (which is the US PTO test for novelty). Our patent attorney says if it takes more than 45 seconds for the dumbest person actually employed in that field to figure it out, then it's not obvious. Who knows for sure, but I doubt this was the intention 300 years ago when this concept emerged.
(*) 45 seconds is not a lot of head scratching.
(*) The dumbest person employed in a field is not about best of breed ideas.
But Biochem, design, and general patents have slightly different time frames and admissibility rules, so maybe this is a little bit of a start. Improve the system like so?
(*) Second dumbest person
(*) 1.5 minutes of thinking
(*) Different durations for different kinds of patents.
Maybe software should be short enough to make it functionless completely. That would suit me fine. I think many good programs behind the scenes do things in non-obvious ways, but somehow because someone else stumbles into the same procedure, it just doesn't seem like patentable material to me, at all. XOR operations for a blinking cursor? Can you think of another way NOT to do that?

Dan
License for downloading music - well!
The Electronic Frontier Foundation has proposed a scheme to decriminalize file-swapping, whereby users would pay $5 a month in license fees. The annual $3 billion this would net would compensate artists and record labels, the group says. San Jose Mercury News (2/26), Wired (2/26)

Posted on Thu, Feb. 26, 2004
License to allow music downloading proposed
By Dawn C. Chmielewski, Mercury News

A leading Internet advocacy group Wednesday proposed legalizing online file-sharing through a voluntary music license that would compensate artists -- and decriminalize the actions of millions of music fans. The Electronic Frontier Foundation called on the music industry to form a new collection agency to issue file-sharing licenses for a monthly fee. The group said a fee of as little as $5 a person would net an estimated $3 billion annually for the music industry, which currently earns no revenue from the billions of songs exchanged through unlicensed services such as Kazaa. And it would entitle the estimated 60 million Americans who use file-trading services to continue swapping songs without fear of lawsuits.

Dan says: Well, this is a perfect way to make sure the status quo is maintained and record companies continue to add no value but receive compensation. Paypal and micropayments have been horribly remiss in not developing adequate solutions to small payments. ASCAP and BMI do a perfectly horrible job of finding the smaller artistic providers and redistributing income to them. They use a statistical model for auditing. Would you like to be paid based on a 3% sample of your efforts, randomly selected? I appreciate the best intention of do-gooders. It seems unfortunate micropayment systems seem to limp so badly.

regards to all, Dan
Peppercoin
Hi, John S mentioned this micropayment scheme: http://www.peppercoin.com/General/FAQAnswerPage.ppp?keyID=helpfaq/faqs/AboutPeppercointopicIndex=3

Interesting, but it's really built on information goods specifically. Like trapdoor crypto sprinkled with dollar value connections. Thanks. Interesting. Unfortunately but realistically... treasuries like the US mint, etc define what constitutes legal transactions and specie for that. Seems like Visa, Amex, etc have come reasonably close to currencies with stand alone valuation. An interesting field. Seems like the infrastructure of internet is more than sufficient to implement any of this.

regs to all, Dan
Primal urges in the can-the-spam movement
Robert Brown said: Let's BUY the MTA server and two encryption nodes whose only job is to ensure that the MTA queue never runs dry, each equipped with 600 GB in RAID3. Let's see, that would be, hmm, less than $10K if one got gold plated parts, less than $4K at my local OTC no-name computer store. Let's amortize all costs over a year. The $10K hardware cost is then a measly $30/day.

And further said: SPAM is undeniably evil, but the place to add costs is at the ISP level and the PoP level. Acceptable use agreements with sharp nasty teeth and anti-spam legislation that hits spammers AND the networks that tolerate/enable their activities AND the actual vendors that are selling the products being spammed with big fines have a far better chance of having a favorable impact on SPAM than any number of arcane and expensive countermeasures at the level of the mailer itself. Legislation CAN be effective. The new do-not call list has worked absolute wonders for me. Note that PHONE spam was never free -- it costs anywhere from $0.10 to $1 per call. Yet three months ago I would get hit a half-dozen times per day or more. Caller ID was all but useless, as few phonespammers used listed numbers or else they used blocks. The DNC list plus the promise of fines or worse, and I now get phone-spammed once every few weeks, usually by somebody that apologizes profusely and babbles about removing my name from their list once I point out that I'm on the DNC list. After all, they can't sell to me without telling me who they are, and that's all I need to have them fined or worse. rgb

Dan says: If I follow Robert's scenarios, he visualizes ways to own things like MTAs, etc and evade the cost per by magnitudes. Generally, as the second fragment of text describes, Robert's suggesting catch-me-if-you-can enforcement is the way to go. If that's a logical mode, IETF can possibly see a mandate to tighten technology to find our true sources of messages, packets, etc.
Generally, like MPLS, and 802.11b, the trend is moving slowly the other way. I think instead of detailed calculations, an observation which might seem familiar to economists is closer to the issue. If you expect people paid to enforce things to do it, they will always Jones for more people and resources, and probably no enforcement in the world accounts for capturing more than some ones of percents of undesired activity. Like any community, there will always be a crisis or some description requirement more of: everything. Cooperation, legal scope, education, and of course always more money. This constitutes part of the noise level that degrades much of modern life. (Like the incredible competition to have the most interesting possible up and coming new disease, mental problem or crime).

On the other hand, we all have a vested interest in watching the eggs in our basket. Although I've never seen a note posted to this effect, if I walked in off the street into the office up front in this building and started loading office supplies into a hand cart and roll them out the door; secretaries, salespeople, the shipping guy, would come piling out of the spaces and stop me. Nobody put that in their job description, or has to. By making some categories of messaging a chargeable cost, and making sure somebody has to pay; (easiest as an anonymous cost up front), now everyone in the cost pipeline has something to gain and lose with enforcement.

It's easy to visualize this. The MTAs look at a MIME type field and it's a very large prime number. It's forwarded to an agency or hierarchy of agencies. They return a go/no-go message (UDP probably). If the number is already used, the message declines it and the message is aborted from delivery; (or just downgrades to free). If it's accepted, the factors are returned and the software verifies it by multiplying them. Having the factors on file proves the identity of the agency. Each handoff offers the MTA a new prime.
Only the first is chargeable. Any MTA can downgrade a message to free, (or upgrade it with a top level seeded prime). This works right down to a home box type MTA, like a POP3 program. Subsidiary primes have a mappable relation to the seed ones; (doesn't matter what it is. As long as the relation can be determined). MTAs which do not cooperate in the scheme incur no cost, and add or lose no value to themselves or anyone else. No message status changes. Some may encounter MTAs elsewhere in the system to modify that, but there is no red flag day at all. It involves trust of only one agency at the top of the hierarchy. You have to trust them to want old fashioned, hard currency, money. I can refer you to a number of personal acquaintances with that characteristic, (if you do not know people of that ilk).

regards, Dan
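The stamp check sketched in the message above, as an added example that is not part of the original post. It assumes the value carried in the message is the product of two primes the agency keeps on file (the post calls it a prime, then has the factors returned and multiplied); the primes are toy 32-bit ones and the names Agency, sell_stamp, redeem and classify are hypothetical.

```python
import secrets

_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; deterministic for the small values used here."""
    if n < 2:
        return False
    for p in _BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int = 32) -> int:
    """Toy-sized prime (assumption); a deployed scheme would need far larger ones."""
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_prime(candidate):
            return candidate


class Agency:
    """Top-of-hierarchy agency: sells stamps and answers go/no-go queries."""

    def __init__(self):
        self._unused = {}  # stamp -> (p, q), kept on file until first use

    def sell_stamp(self) -> int:
        p, q = random_prime(), random_prime()
        self._unused[p * q] = (p, q)
        return p * q

    def redeem(self, stamp: int):
        """Return the factors on first use; None (no-go) if unknown or already used."""
        return self._unused.pop(stamp, None)


def classify(stamp: int, reply) -> str:
    """MTA side: accept as paid only if the returned factors multiply to the stamp."""
    if reply is None:
        return "free"  # declined or already used: downgrade to free
    p, q = reply
    if p > 1 and q > 1 and p * q == stamp:
        return "paid"  # only a party holding the factors could have answered
    return "free"      # reply did not come from the agency that issued the stamp


def handle(stamp: int, agency: Agency) -> str:
    return classify(stamp, agency.redeem(stamp))
```

A second delivery attempt with the same stamp, or a reply whose factors do not multiply back to it, falls through to "free", which is the downgrade the message describes.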
Multiplication, specifically large numbers by small ones
Further, any cost increase in email that is less than the cost of bulk postal mail will not deter genuine spammers. But even the regular user would feel the crunch if each email cost $0.37. If the IETF had to pay $0.37 per email, or even $0.15 per email, its 2 million/yr or so budget would not cover its email costs, and your draft would not be published.

Dan says: Well, I have never gotten an unsolicited paper item for Viagra, but have gotten hundreds of electronic ones. There is a distinction between unsolicited communications, direct marketing, and spam. It's subtle and creates (in the US) first amendment rights issues that are non-trivial. But, 100M email mass solicitation at $0.001 each is $100K, which is a medium good houseworth of dollar value here. I think it would annihilate the worst of mass spam. Obviously, all email could travel as free per or some stipulated super low, sub penny cost. EMail programs would instantly sort it and offer to throw away the $0.01 items. I don't see a compelling reason to add a cost in the absolute case. In such a scenario after even one $0.01 message your email infrastructure could hand subsequent items for $0.00 per. I think whoever thought up the idea should be identified as a pretty sharp cookie. It just slices through so many thorny issues with few downsides. Of course, if absolutely no one responded to spam the incentive wouldn't be there to send it. So maybe we just need more time for young people

Hey! There is a guy in Nigeria who wants to give me two million dollars. Gotta go!
My first hand routed SIP call - Good example for new users
Hello... Regarding making SIP hop for you in your first session! As any programmer knows, getting the first Hello world back from a new computer language is the hardest hurdle. After that, you look back after a few thousand pages of code and say... easy. Doing this all a little at a time will teach you it in a deep sense. If you just want to make a call and not know how it works: Bum a quarter and find a payphone instead!

Anyway, here is a canned example of a TCP hand coded SIP session that works as of this morning. SIP tends to just hang up without a response code unless the session is reasonably well formed. The below works. Thanks Henning S. for inventing SIP! and making the client exist on columbia.edu as below. This is via TCP using a telnet client under linux. I telnetted to the linux box from home using a telnet client under Windows. Anyway, it couldn't make the UDP open, but that is hello world plus so once you have the response code to parse... the low level is working, obviously.

The below is a telephone call to Columbia university via internet hand routed without software. This is a good way to learn it in depth. The best actually. The top block is what I hand entered, and the bottom is the (HA!) phone switch. Stimulus and response, hand entered. Somewhere I read some Telnet clients insert extra [CR LF] sequences which goofs up the [CR LF] detection. SO enter it carefully by hand once and you will be far ahead. If you get a 200 Bad thing etc you know your firewalls and what have you is not in the way.

Regards, Dan K

TELNET
telnet open sip.columbia.edu 5060
Trying 128.59.39.127...
Connected to ren.cc.columbia.edu.
Escape character is '^]'.

INVITE sip:[EMAIL PROTECTED] SIP/2.0
Via: SIP/2.0/UDP 169.130.4.4
FROM: sip:[EMAIL PROTECTED]
TO: sip:[EMAIL PROTECTED]
call-id: [EMAIL PROTECTED]@test.com
content-length: 0

SIP/2.0 400 Transaction tupel incomplete (9/SL)
Via: SIP/2.0/UDP 169.130.4.4;received=204.101.26.60
FROM: sip:[EMAIL PROTECTED]
TO: sip:[EMAIL PROTECTED];tag=b27e1a1d33761e85846fc98f5f3a7e58.16fb
call-id: [EMAIL PROTECTED]@test.com
Server: Sip EXpress router (0.8.12 (i386/linux))
Content-Length: 0
Warning: 392 128.59.39.127:5060 Noisy feedback tells: pid=13647 req_src_ip=204.101.26.60 req_src_port=4829 in_uri=sip:[EMAIL PROTECTED] out_uri=sip:[EMAIL PROTECTED] via_cnt==1

Example: 4769498 First SIP call

Regards, Dan Kolis
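A pre-flight check for a hand-typed SIP request like the one in the message above, as an added example that is not part of the original post. It tests the request against the six header fields RFC 3261 section 8.1.1 requires, the CR LF line endings the post warns about, and the Via transport; the function name lint_request and the sample addresses are constructed for illustration.

```python
import re

# Header fields RFC 3261 section 8.1.1 requires in every request.
MANDATORY = ("to", "from", "cseq", "call-id", "max-forwards", "via")
# Compact header names defined by RFC 3261.
COMPACT = {"t": "to", "f": "from", "i": "call-id", "v": "via", "l": "content-length"}
REQUEST_LINE = re.compile(r"^[A-Z]+ \S+ SIP/2\.0$")


def lint_request(raw: bytes, transport: str = "TCP") -> list:
    """Return a list of problems found in one hand-typed SIP request."""
    findings = []

    # A line feed with no carriage return before it defeats CR LF detection.
    bare_lf = len(re.findall(rb"(?<!\r)\n", raw))
    if bare_lf:
        findings.append(f"{bare_lf} line(s) end in bare LF instead of CR LF")

    # The first blank line ends the headers; a stray one inserted by the
    # telnet client cuts the header section short.
    blank = re.search(rb"\r?\n\r?\n", raw)
    if blank:
        head, body = raw[:blank.start()], raw[blank.end():]
    else:
        head, body = raw.rstrip(b"\r\n"), b""
        findings.append("no blank line terminating the header section")

    lines = [l.decode("utf-8", "replace") for l in re.split(rb"\r?\n", head)]
    if not REQUEST_LINE.match(lines[0]):
        findings.append(f"malformed request line: {lines[0]!r}")

    headers = {}
    for line in lines[1:]:
        if line[:1] in (" ", "\t"):  # folded continuation of the previous header
            continue
        name, colon, value = line.partition(":")
        if not colon:
            findings.append(f"header line without a colon: {line!r}")
            continue
        key = name.strip().lower()  # header names are case-insensitive
        headers.setdefault(COMPACT.get(key, key), []).append(value.strip())

    for name in MANDATORY:
        if name not in headers:
            findings.append(f"missing mandatory header: {name}")

    for via in headers.get("via", []):
        m = re.match(r"SIP/2\.0/(\w+)", via)
        if m and m.group(1).upper() != transport.upper():
            findings.append(
                f"Via names {m.group(1).upper()} but the request is sent over {transport.upper()}")

    declared = headers.get("content-length", [None])[0]
    if declared is None:
        if transport.upper() == "TCP":
            findings.append("Content-Length is required on a stream transport")
    elif not declared.isdigit() or int(declared) != len(body):
        findings.append(
            f"Content-Length says {declared} but {len(body)} byte(s) follow the blank line")
    return findings


# Constructed sample with the same header set as the hand-typed request above.
POST_LIKE = (b"INVITE sip:bob@example.com SIP/2.0\r\n"
             b"Via: SIP/2.0/UDP 192.0.2.10\r\n"
             b"FROM: sip:alice@example.com\r\n"
             b"TO: sip:bob@example.com\r\n"
             b"call-id: 1234@example.com\r\n"
             b"content-length: 0\r\n\r\n")

# Constructed sample carrying all six mandatory header fields.
COMPLETE = (b"INVITE sip:bob@example.com SIP/2.0\r\n"
            b"Via: SIP/2.0/TCP 192.0.2.10;branch=z9hG4bK776asdhds\r\n"
            b"Max-Forwards: 70\r\n"
            b"From: <sip:alice@example.com>;tag=1928301774\r\n"
            b"To: <sip:bob@example.com>\r\n"
            b"Call-ID: a84b4c76e66710@192.0.2.10\r\n"
            b"CSeq: 1 INVITE\r\n"
            b"Content-Length: 0\r\n\r\n")

if __name__ == "__main__":
    for finding in lint_request(POST_LIKE):
        print(finding)
```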
RE: Effectiveness of STUN protocol
Masataka Ohta wrote about STUN: Is it a client server app or a P2P app?

Hi. Well, I read the RFC in some detail, and it is an application which should be on the public internet side on a stable server. Its clients could be all kinds of processes/apps, from P2P programs mostly, but it's a general resource to decode what a NAT is doing. The RFC reminds the reader there could be lots of transactions sometimes, so it should be scaled for the purpose.

Regs, Dan
STUN protocol implementations
About STUN: Reading it, it would seem like the app could ask about itself and then forward the real IP(s) and ports, avoiding having the STUN server get a lot of hits. But this is a REAL workaround no matter what. That doesn't make it a bad thing. The document's really clear that it is a way to deal with undocumented NAT processes. It would seem like this might help... but really it's probably not useful. The programmer(s), I think, should be attentive to the idea some configuration thingus could change the session using whatever protocol suddenly can't continue. If so, maybe reinitializing the transactions after consulting STUN can be done without having the session itself fail. I guess if the process/program is doing a one to many by any methods... (multicast, lots of streams, etc), it could keep asking the STUN server about itself, they try to advise the other end so the STUN server doesn't get flooded. But it's probably a race condition without formal timeouts anyway. Messy.

regs Dan
P2P - Crime / NAT
This really doesn't say much about the scalability of the solution. What it indicates is how much effort people are willing to go to to commit what is perceived as victimless crime. Two things. First, here in Canada there is a new tax on media like writable CDs; (extendable to Memory cards, or anything that likely holds licenced media). And this ostensibly is redistributed to the artists via some sort of audit like Arbitron, etc. So, at least here downloading movies, etc is part of a transaction. Apparently, oddly it's legal to download music specifically... but MAYBE isn't legal to offer it on a permanently available server ... with what constitutes a server intentionally vague. Law is a work around by its very nature. It only pretends precision. Second: If/When I start a residential gateway I think I will do everything possible to make it IpNG capable. Thanks everyone for talking me into it. I'm trying to study it in detail a little every evening to get ready. I hope cable TV (my industry) get with the program and do this right. These little boxes glued all over the networks with their http interfaces... are not specifically too good. If anything will force the issue it's going to be SIP I think. Does anyone know when/if Microsoft is bringing out a consumer operating system with IPv6 in it? That would be useful for market acceptance...???

regs Dan
Effectiveness of STUN protocol
Michel said: This is not true. Kazaa does not require to open any ports nor configure anything in the NAT box. The latest versions of SIP using STUN don't either.

Dan asks: Yes indeed. Probably the #1 biggest use for STUN short term is going to be SIP. It seems like not too much information has to go thru the known reachable machine. Maybe just about the same loading as a DNS server? So, although it's kind of a work around, it's probably going to do the job. Does that seem right?

Dan
You're all complaining about NAT mostly
I'm making a product from scratch shortly and think the tide has turned to support IPv6 as much as possible. I haven't looked. Are Docsis Cable modems 2.0 IPv6 aware? How about MS operating systems? If ISPs and cable ops didn't ration fixed IPs NAT wouldn't be so popular. It's a way to evade a cost which is arguably illegitimate in the first place. The operators caused this, and now it reduces their income. They did it to make money; (and also were too busy to notice what they were doing). Can be fixed in a number of ways. -Dan K

Almost all via dual-stack. Those who have done so have found the extra cost minimal where the v6 capability is introduced as part of a normal procurement cycle. The UK academic backbone JANET is one example in your context. Remember it's not about migrating in most circumstances, it's about parallel capability to enable v6 to operate now as the first phase of a (very long) transition. But some networks are emerging ipv6-only, particularly in Asia. Tim
Re: You're all complaining about NAT mostly
Actually, I'm told by ISP people that they don't make money off their address charges, that they basically just cover their own costs. Noel

Bell Canada here charges $10 or so for a few fixed IPs per month. They are bought for $0.60 US as a one time cost. A pretty good cover.

Regs, Dan

Dan Kolis - Lindsay Electronics Ltd [EMAIL PROTECTED]
50 Mary Street West, Lindsay Ontario Canada K9V 2S7
(705) 324-2196 X272 (705) 324-5474 Fax
An ISO 9001 Company; /Document end
10 Years
Anyway, the point is that successful networking technologies don't take 10 years to succeed. They either catch on, or they don't, and after 10 years this one has not caught on. Ho boy. Good point there. It's like boy oh boy! POP3 is dead use IMAP. blablabla IPv6 oddly though is sort of a hmmm behind the scenes thing a little. Slightly different. But I think you're right if 10 years of waiting doesn't get an internet innovation adopted much it's at least sick and maybe dead.

regs Dan
Re: Death of the Internet - details at 11
Yup, it needs a killer app or feature. Bigger address space was that feature, but one made moot by NATs. VoIP and multimedia via SIP without having a resident network engineer in your attic. Enough said? Dan
Eating the canned from the new information society
I was curious enough to read the contents of this URL, (about the U.N. about to meet to do something or another with the information society): http://www.itu.int/wsis

Site barely moves. We have good bandwidth and it's 400 bit/S, says my browser. So, for fun, I tried: http://www.alpo.com/ Which loads instantly. They make dog food.

Working assumption: When the self anointed intelligentsia about to make all these unrequested experiments with Internet can achieve the real world performance of a dog food company, they will have made progress. Do you think there is going to be even *one* delegate, even *one*, who decides they should just leave things alone?

Regards, Dan
Re: Worst case question I guess
Maybe it's like the saying when all you have is a hammer, everything looks like a nail. The global funds transfer system (SWIFT) used for transferring billions of dollars an hour had a security scare and fell back to an almost manual system for a few days. It worked fine functionally (slightly slower than the automated one), and left clerks all over the world exhausted from overtime, using codebooks instead of programs. But they got thru the security problem without serious incidents at all. With basically a near no technology solution. I mean, Napoleon would recognize a one time pad codebook solution!

IETF is going to have its babies taken away one at a time by a political process which serves no one's interests well. Unless you are in the (World War) WW x (x=fill in the blank) fan club, for instance. And, it's a bad thing, for everyone, and since nobody got a huge moral and functional head start to stop it, it's inevitable as (acid) rain. Worrying about the trouble resolution schemes is a feel good exercise compared to worrying about the intention of the people involved. More of the next masters care about which politician overrules which domain name more than whether the thing works. First cannonball over the deck is some massive, extended argument over whether the disputed territories between:
Taiwan / R.O.C.
Russia / Japan
Israel / Palestine
The Koreas
is which. And the 'solution' to what is a non-problem functionally, will be blockades, hijacking, etc of the DNS to disempower one side or the other. It seems to me my preferred solution is no official solution, but some techno fire drills with all parties welcome. Under the upcoming environment, the best possible is complete distributed responsibility. Of course the bad thing is inevitably different DNS servers will serve up different IPs for some controversial DNS zones. Which is the worse of the two worse cases... that, or having political processes delete unpopular viewpoints.
When politicians find out they can squelch opinion by something as simple as a court order to delete a DNS entry, it won't take a week before instances of it are common. The only reason they haven't is they don't understand technology enough to know exactly how well this would work. They will. As has been pointed out on this list, the actual rate of changes in the root zone is on the order of a few per week. Statistically, that means your 24 hour rollback might, often, have zero effect. Now compare this to the change rate in some very large ccTLD or gTLD, which is, I would assume, measured in the thousands per day range. john
Worst case question I guess
As a (not too) humble regular DNS user as opposed to an insider... What is the worst case scenario on this, anyway? It seems to me our buddies and the North American power reliability board; (whatever) would say they can't POSSIBLY fail such that power is out for days. Yet it happened. I think killed some folks here and there too. It seems to me, I'm speaking from a skeptical approach which is always the best when the downside's big. If all the root operators had an offline copy of their DNS entries and rolled back 24 hours in a crisis, so what? 99.99% of DNS UDPs would resolve, a few new ones would be troubled. No Anycast, no BGP, just rollback a day and reassess the systemic failure for a next plan. Turn all that off and think for a day or so.

It seems to me a smaller chance but a non-trivial one is for the whole thing to become unreliable because the (maybe) millions of subdomains get clobbered. For instance, I think I'm right that the subdomain www. {anything} is incredibly distributed. Never a SOA at a TLD ccTLD... You know what I mean. If a WWW snagger rewriter virus existed that left 100% of the root servers perfect (either due to a brilliant management plan, disinterest, or dumb luck, etc.) but www.{any} didn't work, the loss of functionality would be close to having the roots lost, wouldn't it? Harder to fix, because the people involved haven't been to a fancy workshop of what if's. And they're hard to contact because suddenly internet is unreliable. There was an outage in the switched telephone system much like this about 12 years ago. None of the technocrats who could fix it could find each other, so the outage persisted for a long time until an unnamed vendor! bicycled new binaries to 400 phone switches.

regards Dan
Synopsis of Internet relevant White house document(s) regarding security
Greetings, The cleaning people came through my building so I decided since I shouldn't walk on their wet floors (until they dry), I might as well save the free world with my unsolicited, amazing opinions. The below I gather is the White House official policy on tinkering with everything electronic including the Internet in the name of security. If you download it, it's not immediately apparent it's available as about 14 or so little pieces {OR} one big PDF. Look around on the page for which suits your pleasure(s). Either way, it's got some reasonably cheesy clipart (Maps, fat translucent resistors on printed circuit boards, etc.). It embarrasses me I often write stuff like this myself. Anyway... It's completely packed with passive soothing language about bad things that can happen, and new committees, and of course (subject to FUNDING), new things to be done. I guess I have a hard time grasping the intended audience for this document. It's not nonsense, it's not ominous... mostly seems like a clear and honest plan for a large make work project.

On the international scale, about 3 pages of 60 or so are about anything beyond the USA specifically. Since the beginning of each section is by definition cheesy clipart; (this particular one is a mouse resting on an ancient map of South America), there isn't much about the rest of the world. Maybe that's reasonable. I'd just point out some of these bad things they worry about start far away from the homeland in space, but only tens of milliseconds away in time. So maybe a little more in there about international stuff would be good; (But this would cut into the square footage required for the clipart). My one line notes below are what I think might be of interest to people on this reflector. The modules of the document Priority II and Priority V have more to do with Internet than the rest.
Of course, it's a good moment to remind everyone internet probably would be vastly less cool, (and therefore work a lot worse), if it wasn't for ARPA, which are an arms length R&D institution of the DoD. Regarding point P below.. (A federally sanctioned clearinghouse for buggy software); for everyone's convenience I'd like to suggest a nice Pacific coast location for this NON COLOR CODED (gasp!) team. Some of it is pretty good logic, no doubt. Like R). Trying to make default settings in things have security turned on, not off for working Joe's. Most of internet stuff is letters: F thru L. Page numbers are shown as below. I think DHS is department of homeland security. I got thru the whole thing pretty much. (The heater(s) were not pulling their weight due to the cold outside so the floor took a long time to dry).

Regards, Dan

Source:
===
Title: The National Strategy to Secure Cyberspace
Source: The White House, Washington, DC
Date: We are too cool to identify our documents... GUESS
Table of Contents:
Letter from the President
Executive Summary
Introduction
Cyberspace Threats and Vulnerabilities: A Case for Action
National Policy and Guiding Principles
Priority I: A National Cyberspace Security Response System
Priority II: A National Cyberspace Security Threat and Vulnerability Reduction Program
Priority III: A National Cyberspace Security Awareness and Training Program
Priority IV: Securing Governments' Cyberspace
Priority V: National Security and International Cyberspace Security Cooperation
Conclusion: The Way Forward
Appendix: Actions and Recommendations Summary
http://www.whitehouse.gov/pcipb/
===
{ My one liners begin here }.
A BHB is, of course, a Dilbert class Big Honkin Binder

format is X) nn text
X) = Unique letter
nn = page number
text = uh you guessed it: text

Priority II:
A) 28 Help industry with security
B) 28 We should teach FBI guys a little about technology
C) 29 Track troublemakers a bit more
D) 29 Let's make teams of people and color code the teams; ( Blue team to quadrant 6!)
E) 29 Write up a BHB of bad things bad people do we plan to stop
F) 29 How the internet works
G) 30 On internet the DNS, IP, BGP do important things
H) 30 Promote IPv6 because those pesky Japanese are already ahead of us, (so it must be a good idea)
I) 30 Some bad thing on 21 Oct 2002 in the DNS justifies the Urgent need for expeditious action to make such attacks more difficult and less effective
J) 31 The IETF has established working groups for securing BGP and the DNS. These group(s) have made progress, but have been limited by technical obstacles and the need for coordination
K) 31 Denial of service is a bad thing. Out of band management is a good thing
L) 31 The absence of source address verification is troublesome
M) 31 DHS will recommend better security practices
N) 31 Another BHB on the best way to do all sorts of things. This one's from the FCC
O) 32 Another BHB for programmable logic controllers people to remind them it's bad to
Re: Ietf ITU DNS stuff III
Franck said:

Well to come back to my original comment, is that IETF, IANA and ICANN by being individual members organisations do not have the front of ITU, which is unfortunate as the Internet is not being done in ITU. Governments have to understand that and for that dissociate themselves from the old telco concept...

Interesting point. IETF, IANA and even (maybe) ICANN should have a banner advertising program, so many/most/nearly all websites have an anchor/link to a constituency web presence explaining where internet came from.

You people in the list that represent big money... CISCO, Motorola, Juniper, etc: If ITU get in this, the pace of innovation will cease. I mean, they like H.323 not SIP and X.400 Email. So this will materially hurt your business.

Here's what they will do if they're allowed to: Make pacts with federal governments; (like the GSA and European Union), to only buy stuff conforming to their standards, which evolve as slowly as possible and are designed to make only incremental investments in hardware likely. So... The big contracts are pulled.

Nowadays, the civilian pull is pretty big, so this isn't a full stop. I mean, Linksys care far more about what the buyer thinks at Walmart than the D.O.D. But at some level, this (proposed) string pulling will hurt network advancement.

So it's worth developing a paid ad campaign, but hopefully most if not all the media should be on the web itself. Of course, a paper sack of unmarked bills always helps when dealing with professional politicians.

This is totally a hardcore I told you so issue. I hope I'm wrong, but if it plays out badly you will think; Dad-burn-it! he was right back in 2003!.

Regards, Dan
An apology of sorts
Hi

One paragraph to apologize about being aggressive about the ITU. So much comes out of them as a group that is necessary and excellent, I'm sorry to be critical of their proposed increased role in internet. Stuff like AC-3 sound, the WARC process, is good work. It's not the people that slow it all down and so it, it's the process of just too much decision making by consensus. Did you ever hear why ATM got 53? is it? byte cells? They just averaged a bunch of competing proposals. Too much consensus makes things less functional. The RFC etc process is odd but seems to do the job.
Ietf ITU DNS stuff
Dean said:

But of course, governments have the sovereign right to control the communications of their citizens...

Dan says:

Well, I don't agree. If you believe in speech divorced from action; (ex. Commercial speech, inciting to riot, fraud), in which speech is a component of an act... Just simple communications. I don't believe: governments have the sovereign right to control the communications of their citizens. They do (governments), I guess. I can't think of any good that's come of this so far.

It seems to me the subtext of less control in telecomm is a newly evolving civil right. Interesting how much people can differ in what is to them an obvious first principle.

This existing structure isn't broken, and recalling it's mostly about bare faced power to repress ideas helps understand the motives, however. Weird how indirect and bogusly indirect it all is. I mean, the excuse factory has to run full blast to justify some of all this.

regards to all, Dan
Ietf ITU DNS stuff III
Dean said:

There are, though, good reasons to have some government controls on telecom. Whether these controls are too excessive or too lax is not up to ICANN or the ITU. I can think of cases where some good has come of it. E911, for example. Radio, TV, cellphone allocations. Ham Radio licences. If license-free wireless operation weren't restricted in power, few people would be able to use 802.11 because one company would be broadcasting at hundreds of watts, etc.

Well, you know both charters and constitutions can be revised with consent. Of course, you're right, some brokerage and allocation is necessary. Italy had a UHF Don't care policy for low power TV and it turned out to be probably not in the public interest.

Still the essence of all this is content versus communications. The general idea surely of the ITU came about exactly in the context of limited frequencies and power, etc. So, fine. Coordination of this is reasonable. Internet needs *far* less of this thinking than any previous globally built system. The reason is, mostly you have 65535 ways to do most anything... minimum and some odd hundreds of millions of places/machines/people to do it.

If Internet didn't exist in its present form and work... ITU types would make dire predictions over how without regulation it simply wouldn't work independent of content. The argument would be framed as a common sense technological issue. The variant of it is unless the real adults take over... sooner or later (FILL_IN_THE_BLANK) will hijack it, trust us! (FILL_IN_THE_BLANK) is Pornographers | Spammers | Terrorists | Microsoft | Mumbo_Jumbo | etc.

I'm trying to seek in my little gray matter even one benefit of having the ITU do anything with the DNS. I mean, maybe somebody can point out a URL of something with an upside to it whatsoever.

In January, some obscure protocol is going to link Internet *IN GENERAL REALLY* to two orbiters around Mars to talk to little buggies which hopefully will land and work.
So this thinking, so far has not only worked here quite well, but even seems to be usable off planet. Am I missing something?

Regards, Dan

I hope this isn't too far afield of ietf stuffola. I'm kind of worried about that, (but not too worried to click on SEND)
ICANN but I CAN'T, sometimes
Any formal body has to have some jurisdiction in which it is constituted. One can argue whether California non-profit law is better or worse than being a UN entity. I believe there are arguments against the latter as much as there may be arguments against the former.

The IETF is about as close as we've got as an authority on the Internet that is not bounded by geographic boundaries, governmental control or commercial contract. You can make a reasonable argument that we should be running the show here, not ICANN.

The UNITC meeting needed to happen several years ago, but now we're there, realistically there is only one option left for a single, cohesive Internet to remain whilst taking into account ALL the World's population: ICANN needs to become a UN body.

nonsense - as constituted today, ICANN is a better forum for interested constituencies to debate policy FOR THOSE AREAS THAT ARE IN ICANN'S PURVIEW (not shouting, just emphasis on limited purview of ICANN).

Interesting. Everybody on the sidelines of this; (like me), not Vint or the other Internet Founding Fathers, pretty well assume a drift towards rational processes in the world winning over a long time frame. How long? Seems based on the drift rate, pretty darn long.

So ICANN is definitely one of the clearest entities which has a completely, totally non-geographically defined constituency. There are others, like International Civil Aviation Organization for commercial air traffic and WHO for health. DNS, biological viruses, and jet aircraft all by their nature challenge rule by dotted lines on the ground, made by chance, deceased power mad old guys, where rivers flow; (now, that's a reason for a boundary; Wow. it's RUNNING WATER. Let's have a war right here), etc.

So a somewhat negative example is air transit. The whole structure makes air travel a detail of World War I.
Anybody smart enough to read should realize, no matter how horrific a (set) of wars are, they aren't forever, and the structure of such a thing should look beyond the present. So, here is a reasonably understandable negative example.

A thought experiment would be if DNS wars happened after the twin towers attack. All questions would be framed as security issues, no matter how farfetched the reasoning. Fortunately for the DNS, this isn't the case. But with Voice over IP inevitable to abolish PSTN telephony, the DNS also becomes the world directory of electronically reachable persons; (with WWW and LDAP hanging off of it). SO civil libertarians, anarchists, and conspiracy theorists are poking around in a domain of reality that is truly, wired to everything else, and everyone else, longterm.

So, as said above: One can argue whether California non-profit law is better or worse than being a UN entity.

I guess you're right. But there should be, and probably will, (see the LONG DRIFT theory above). A completely traceable process much like representative political processes which has no geographic hooks whatsoever. Oddly though, since the material world is where things are changed by the acts of humans; this is problematic, I guess.

If even an NGO structured ICANN tells a named person to change a RR, there are two(+) geographic named places. One where the person ordered happens to be, and the second where the computer(s) happen to be. Third is the place(s) where the decision occurred. Some of these can be completely masked by technology; for instance, the ICANN type decision maker could have some PGP style exclusive permission to Telnet into the DNS, no matter where it is; (and they might be enjoined from knowing it), and change it. What this simulates is techno-omnipotence, to avoid political meddling / incompetence.

I think considering how new in jurisprudence terms the DNS conflicts are, ICANN has done a reasonable job.
I read many judgements from Montreal and Geneva (WIPO) and only thought one was grossly wrong. And I think WIPO effectively censored that arbitrator; ( only used once after. He's overboard for life, probably for the two mistakes) [HEY like California... three strike, you know]. (TATA group of companies versus Bodacious TATA's is, I believe, clearly in error).

Another thing that is somewhat comical (and sad) is WIPO is still based on licking the pavement of geography based power. (sad). They organize these named persons by national origin. This is an insult to them, and to the parties in disputes. We all know this is to prove some obscure non-reality of fairness. But, their background professionally, etc is more likely a bias than national origin anyway. All references to national origins should be minimized, and almost inaccessible.

I think the arbitrators, likely with or without I'm so legit I even SMELL ethical, paper trails probably mean well. A DNS battle is a winner take all dispute with non-trivial consequences. So it's an acid test generally.

Generally, for the accountability and major structural decisions for ICANN, Maybe the Kennedy school of government should
Verisign problems - redirection without RR's
I'm hoping for a 'change of faith' based on the $100 Million lawsuit. I can't believe anyone capable of doing this, would do this. Even the paper newspapers get this is somehow a bad development; (i.e. Wall St Journal). Proves ICANN is not interested in the integrity of the DNS to have permitted this.

regards, Dan
Verisign problems - redirection without RR's, how did it come to be?
Dan said earlier:

Proves ICANN is not interested in the integrity of the DNS to have permitted this.

Marc said in response (to some extent):

ICANN is probably busy trying to find a way to copyright the root domain. Everyone wants his slice of the unlimited possibilities for manufactured wealth inherent in IP law. ICANN could ask Dept of Commerce for an * in the root zone. It could solve all ICANNs financial problems. Perhaps com/net was just a test case to see what reactions would come? I don't really think so, given the way ICANN reacted. I think ICANN wasn't even consulted. Not that that gives much hope for the future of the DNS.

Dan says now:

Ahhh. Do you think so? Obviously they didn't ask. Any kid knows not to ask the parent who will say no until you try it first. Asking for forgiveness works better than asking for permission.

It's not obvious to me hijacking domains instead of selling them has a business upside. But, I don't sit around inventing new kinds of spam, either. If it was my *job* (even if I took it on as a volunteer) to prevent a thing, I would think long and hard to stop lots of bad things, before the illicit players in the field I regulate did them. Also, you would think there is a generic description along the lines of works to secure the integrity of the Domain name system, and if any TLD provider doesn't do that, they are removed.

I hadn't specifically considered ICANN as an organization is well meaning, but not capable enough, to fulfill their mandate. Sounds reasonable though. As nearly the ultimate Non-governmental organization, ICANN and the DNS certainly does break new ground, so it seems reasonable unanticipated bad things can happen. In this scenario, the most important thing is vast, punitive action without recourse. So, $100 Million is a nice start. And of course, denial of future sales to .COM, etc

Interesting as it is, this is pretty much a non-technical issue though. I think?
I just don't think there is much more to say here, specifically, if anywhere on the subject. So, I won't keep posting on the subject. It's just so depressing to see everything debased by bad people who don't want to do things right. This is just a subset of that general thing.

Regards to all, Dan
POP3 extensions - thanks
Pete Resnick at Qualcomm tells me/us of POP3 extensions:

RFC 2449: POP3 Extension Mechanism. and POP already has authentication (RFC 1734) and TLS (RFC 2595), but I don't think that's what you're talking about. I don't see how crypto or authentication apply to spam in the context of POP here.

All I was thinking is it seems like the SMTP infrastructure is sort of hard to tinker with. Businesses live and die by email, etc and any chance something they want doesn't get thru is a big deal for people. While sitting in the POP3 holding pen... an email could be subject to scrutiny of different kinds that might be easier to manage than a change to SMTP stuffola.

I will read the RFC so I know more about what I'm mumbling about in the future.

Cool thanks
Dan
POP3 delivers, not deletes III
Harold I / Dan K said:

A *lot* of POP-using programs have the Leave Mail On Server option. And a lot of people have used Leave Mail On Server as a poor man's 1-folder IMAP, leading POP providers to implement mail retaining policies of the RETR it once and it's gone, whether you DELEted it or not. This is shown up in RFC 1939 (current definition of POP3) section 8:

In these situations and others, users and vendors of POP3 clients have discovered that the combination of using the UIDL command and not issuing the DELE command can provide a weak version of the maildrop as semi-permanent repository functionality normally associated with IMAP.

...and in response, server operators are recommended to:

* Enforce a site policy regarding mail retention on the server. Sites are free to establish local policy regarding the storage and retention of messages on the server, both read and unread. For example, a site might delete unread messages from the server after 60 days and delete read messages after 7 days. Such message deletions are outside the scope of the POP3 protocol and are not considered a protocol violation.

Dan says:

Well, yes I guess it's their server (somebody's). There are a few things obviously desirable in POPX that aren't in there. (deliver without Mime attachments as a preview, for instance). Seems like IMAP is kind of too much, and Pop3 is too little for a lot of users.

I wouldn't like it if the server did this. I'd rather have a fixed limit in size, and a warning via email when it's almost full, and have it reject messages beyond that size. But that's me. I guess leaving it to the site is just a part of reality.

A tiny extension to allow push email just broadcasting the subject lines; (possibly encrypted) and headers generally would be cool. Like BlackBerry's protocol but not proprietary.

In any case I think pretty soon a total rethink of email is in order... re authentication/encryption/spam.
but it's gotta be compatible and this will be tricky, to say the least. regs Dan
POP3 programs that enforce old message policies
John K said:

I am pretty sure Vint knows what the protocol says. So, certainly, do I. In the real world, several ISPs have insisted that their servers provide an implicit DELE after messages have been successfully downloaded and the connection closed. If leaving the mail on the server (not DELEting them until you tell it to) is important, you could, of course, choose an ISP that doesn't do that automatic/implicit delete. But, because there are ISPs that do the automatic delete, Shelby's claim (as I understand it) that his system will work with any POP3 mailbox and server is not quite correct.

john

Dan says:

Another way to do this is via EHLO and then your client would have to subscribe to the feature of some timed self delete or you would be denied access totally. This would make sure the user is given a heads up on the whole thing. This would be super clean. Your program (in your national language) warns you the server is going to enforce some message removal method.

With the excellent thinking in the development of these... I'm surprised that's not how it works.

regs, Dan
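The UIDL-without-DELE pattern quoted from RFC 1939 in the previous thread, combined with the server-side removal described in this one, as an added example (not code from the thread or from any mail client). The names `parse_uidl` and `plan_sync` and both sample server responses are constructed for illustration.

```python
"""POP3 'leave mail on server' bookkeeping: UIDL without DELE (RFC 1939)."""
from __future__ import annotations


def parse_uidl(response: bytes) -> dict[str, int]:
    """Parse a multi-line UIDL response into {unique-id: message-number}."""
    lines = response.split(b"\r\n")
    if not lines[0].startswith(b"+OK"):
        raise ValueError(f"UIDL refused: {lines[0]!r}")
    listing: dict[str, int] = {}
    for raw in lines[1:]:
        if raw == b".":                      # end of the multi-line response
            return listing
        num, sep, uid = raw.decode("ascii").partition(" ")
        # RFC 1939: a unique-id is 1 to 70 characters in the range 0x21-0x7E.
        if not (sep and num.isdigit() and 1 <= len(uid) <= 70
                and all(0x21 <= ord(c) <= 0x7E for c in uid)):
            raise ValueError(f"malformed UIDL line: {raw!r}")
        if uid in listing:
            raise ValueError(f"duplicate unique-id: {uid}")
        listing[uid] = int(num)
    raise ValueError("UIDL response truncated (no terminating '.')")


def plan_sync(seen: set[str], listing: dict[str, int]) -> tuple[list[int], set[str]]:
    """Return (message numbers to RETR, unique-ids the server no longer holds).

    `seen` is the client's stored set of unique-ids from earlier sessions.
    Message numbers are only valid inside one session, so the client must
    key its state on unique-ids, never on numbers.
    """
    to_fetch = sorted(n for uid, n in listing.items() if uid not in seen)
    gone = seen - set(listing)   # removed by site policy or an implicit DELE
    return to_fetch, gone


# Constructed sample responses. Session 1: three messages, client RETRs all
# of them and issues no DELE.
SESSION_1 = b"+OK\r\n1 uid-a1\r\n2 uid-b2\r\n3 uid-c3\r\n.\r\n"
# Session 2: the server has removed uid-a1 on its own, one new message has
# arrived, and the remaining messages have been renumbered.
SESSION_2 = b"+OK\r\n1 uid-b2\r\n2 uid-c3\r\n3 uid-d4\r\n.\r\n"


def run_demo() -> tuple[list[int], set[str]]:
    seen = set(parse_uidl(SESSION_1))        # state saved after session 1
    return plan_sync(seen, parse_uidl(SESSION_2))


if __name__ == "__main__":
    fetch, gone = run_demo()
    print("RETR these message numbers:", fetch)
    print("no longer on server:", sorted(gone))
```

Message number 3 refers to different mail in the two sessions, which is why a client that relies on the maildrop as a repository has to treat a vanished unique-id as normal rather than as an error.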
Portable voice services with switching between urban and home
Greg Cunningham said:

Personally I would be more interested in a cellular phone that would hop to a private home network signal. Once you get home (or within a 1/2 mile or so) the cell phone becomes an extension in your house. Would be even nicer if the line went out, and the phone company could automatically re-route your home line to your cell phone.

Dan says:

They exist in other places. http://www.dectweb.com/Introduction/answers.htm Oddly not too successful. The UK tried but didn't figure out all sorts of things... Just destroyed the approach while still in the cradle. Anyway, clearly Verizon is heading in the same direction. S L O W L Y

Regs, Dan
VoIP regulation... Japan versus USA approaches (RE: Masataka Ohta, Simon)
Masataka Ohta and/or Simon said:

You should, at least, distinguish VoIP as a telephone network and the Internet telephony. In Japan, TAs to connect the Internet and POTS telephone devices are rapidly replacing the telephone network including VoIP ones.

a. VoIP is telephony and should be regulated.
b. VoIP is internet and should not be regulated.

Why, do you think, the Internet without voice should not be regulated? It is. Paradoxical regulation on voice in US is a US local issue.

Dan says:

If VoIP just was a telephony service the argument of bypass shows up in FCC policy and paying into the universal fund is an argument which is looked upon with possible merit at the FCC. Here is the first shot across the bow:

ACTA submits that the providers of this software are telecommunications carriers and, as such, should be subject to FCC regulation like all telecommunications carriers. ACTA also submits that the FCC has the authority to regulate the Internet.

This request for relief, in its entirety, is here: http://www.fcc.gov/Bureaus/Common_Carrier/Other/actapet.html

Mostly I guess IETF is supposed to be technical so I'll not blather on. The language in the request for reregulation (aka relief), is really forcefully worded that Internet is screwing the little man with a phone pretty bad.

No matter how you look at it... Bypass using Internet to begin and end in the PSTN (public switched network) is different politically and tariff wise than a packet to packet only activity. Of course, it's ultra messy. What did you expect? If one member in the session is on packets, to and from a MTA, the others are on a gateway and some of it is carried on ATM leased from a phone company... even if you want to fund the Universal fund... who pays? Everybody? just because one user joined in via a GR-303 connection?

Our friends at Worldcom/MCI are in trouble for burrowing traffic to and from other countries to avoid tariffs... presumably via IP.
It's crazy in that you can't argue really this is anything except common sense, possibly both from traffic eng. and economics. The whole thing is a mess. But taxation almost always is messy. I think it was Milton Friedman who suggested designing a progressive taxation scheme that doesn't hurt the economic activity is like asking for a low-pain crucifixion. Some spots for the nails maybe hurt more than others. None feel good.

But instead of being smart guy here... I have a suggestion. If you want Internet to flourish with the minimum of trouble(s), don't call it VoIP. Call it QoS enhanced... personal enablement services, etc. When you write documents, etc help the sales people dream up their literature... whatever. Try to get the open ended nature of SIP in there. And of course, like the excellent lead of IETF? don't use PSTN numbers if possible. The Autonomous numbers used for the Cisco phone handout was brilliant. Anything but voice. Personal broadcasting sessions. Whatever.

The question of whether the universal fund is valid is a different argument. I suggest it's a predatory activity to deny access to services by subsidizing existing system with prejudice against low earth orbiting satellite providers.

I am curious how Japan does this, but the island size and density makes the whole argument different to some extent. So, how's it work under the wise rule of NHK/MTT ???

regards, Dan

Sorry if it's not normal IETF subject matter. It's interesting to me, anyway

thanks dan
Multimedia presentation services like (ugh) VoIP
I think SIP does more things that are fun rather than only things that are useful. This matters all the time; Not just when there is an earthquake, etc. Spending and planning, not technology per se determines whether things work in an emergency. Besides, the future is long. What's familiar now shouldn't define an indefinite future.

A SIP phone from Cisco running 802.af wireline power over ethernet on a big UPS is going to work as well as a phone switch. Now, whether the fabric runs. How about Internet enabled low earth orbiting satellites? (with sat to sat bandbasses). This plus battery operated laptops... sounds like there's not much earth in this to go wrong. Just an example.

I think the brew your own Codec will be the ticket to very unforeseen things (cool/fun) with SIP. Hope so, anyway!

Dan
Well, Marketing maybe (SIP, etc)
Mike said:

If you're going to go there, it's worth pointing out that the V in VoIP is a pretty artificial distinction too.

Mike

Dan said:

SIP and even H.323 are Multimedia presentation services. All are extensible far beyond two user full duplex speech. Like mislabelling atmospheric changes global warming... calling anything using speech codecs under IP VoIP completely distorts it and disrupts understanding by the unwashed masses.

Dan concludes:

I just try to get people here (cable TV types) to try to communicate a level of abstraction to customers... operators, not just get this big bonfire to clobber phone companies going. Sure a technical term is cool for technocrats like: 802.11b but then if you want to call it Centrino, (or WiFi), etc that's ok too. But I'm just suggesting after all the high costs and steep learning curve to make it work; (QoS, MPLS, etc) it should be sold with more sizzle (and accuracy) than poor peoples phone services.

While on the subject... Has anybody seen a fer sure count of how many LDAP or RR named persons are out there for SIP names? Obviously, that's one bottleneck for SIP that's hard to overcome.

regs, Dan

Dan Kolis - Lindsay Electronics Ltd [EMAIL PROTECTED]
50 Mary Street West, Lindsay Ontario Canada K9V 2S7
(705) 324-2196 X272 (705) 324-5474 Fax
An ISO 9001 Company; SCTE Member ISM-127194
Pretty clear ... SIP
Since SIP is IETF not ITU it's only reasonable to have internet believers lean towards it. H.323 ? Ahhh no thanks. No serious look at these can even consider H.323 etc and its derivatives as useful in the general case. The only reason they were used is the absence of a better alternative.

Try to hook your Sony Playstation up through H.323. When would that move through committee? Spring of 2010 ??

Oh. Another reason for IETF to believe in it is that it's basically a free comm technology. H.323 wants to drag in the old timers and their costs structures... dependence of geography, etc so there is a credible reason by most criteria.

Regs, Dan
That's *really* new!
[EMAIL PROTECTED] wrote:

...IPv6 over telepathy

Dan says:

Wow! I had that idea yesterday; (It's almost like you were reading my mind) !!! Scoundrel!
Innovations in protocols
On Mon, 14 Jul 2003 13:35:42 EDT, [EMAIL PROTECTED] (Dan Kolis) said:

[EMAIL PROTECTED] wrote: ...IPv6 over telepathy

Dan says: Wow! I had that idea yesterday; (It's almost like you were reading my mind) !!!

The draft for IPv6 over telepathy strongly recommends the use of IPSEC in multi-hop configurations, for all the obvious data-interception and data-injection reasons.

Also useful for all TCP/IP; (Telepathy Control Protocol / Intra-Poltergeist) messaging. Not required for UDP (Uber Daemon Protocol) though.
IMAP v. POP
Lots of users don't like you have to be connected to IMAP to do routine things fulltime. If you're paying by the minute for CDMA2000, (for instance), getting frozen out of doing anything when you're not connected turns people off.

Network people like the reduced traffic on the network for POP logins that endlessly return 0 or whatever for 'LIST', when there is nothing to pickup.

Hard tradeoffs, really.

Regs Dan
IMAP v. POP
It was said about IMAP versus POP mail:

Perhaps those folks should use an implementation that can manipulate mail offline and then sync with the server later.

Dan says:

The group I know have an information technology group which raid and confiscate anything they don't install. They terrorize everyone in this huge Fortune 100 company, and if they don't run the approved software they delete everything. They only allow IMAP (not POP), and it's all connection oriented. The idea is this is more secure. But ultimately, obviously, people can screen capture and/or print anything, somehow. Then it can be reabsorbed in digital form; (scan, etc).

I guess I realize, nearly by definition, you could make an offline/online IMAP implementation. I think POP is awfully functional though. If it just had passwords not in the clear, and a better way to defer big attachments, I think it would be nearly perfect protocol/service.

For home and casual use though POP is cool. You can only expect so much from it. And with the extensions it can do a lot. There must be a pure 'push' email protocol either in the works or done, isn't there?

Regs Dan
Stray question, (a little bit) (What's the best practice on this?)
Hi,

A little off the center of the road, but that's nothing new here. As users tend to use HTTP email accounts; (for privacy, flirting, whatever) in enterprises this makes it hard to snag viruses to some extent.

If the preferred solution in some server farm of Linux and NT's whatever is snagging virus attachments at SNMP and/or POP3 interfaces, this is great and can work really well. But on the HTTP side (even worse? https), all sorts of GETs and PUTs can move items to and from on 80. To Java apps... whatever. Like attachments carried by hotmail and Yahoo, etc.

Trying to tackle people in the hall and tell them what to do or not do just doesn't work, for one thing. You can't or don't want to generally encumber abstract use of http and/or port 80. And, programs scanning the file system are very robust / reliable for a host of reasons. Any option on that?

In tribute to the main purpose of this list: This is a problem which might have a protocol solution of sorts. I'm not sure I like it, but seemingly the transports could maim attachments by altering their MIME type. Bad way to solve a problem is to make somebody else's program/process crash though!

Regs to all, Dan
SMS, New media, old media
Said presumably moments ago:

we (the e-mail producing/consuming community) have the technology, we have the collective wit and wisdom, we have the proven commercial value of the service. what we lack, dear ietf, is simply: leadership.

Paul Vixie

Dan (Me) says.

Well. I like Short Message Service on cellular phones a lot, and use it solidly every weekend to organize my life. I noted that when I mentioned spam is starting to show up on SMS, the first few (free tickets to the movies, Drinking adventures, etc). Everyone I told it to who use SMS more or less seemed pleased one of these days they might get some fun thing... pretty well, the proverbial free lunch of some sort.

I mention this, because SMS is mostly decoupled from POP and SMTP mail. So is paper unsolicited mail and telemarketing by phone, and all have more in common with each other than techno differences. Technologies like http's PICS are far too complex for non technocrats: http://www.w3.org/PICS/

In order to not get mugged, etc, some people elect to live in walled cities. Others always let machines pick up voice calls before returning them. All kinds of strategies exist and coexist to manage unsolicited bits of reality.

I guess (it's particularly interesting to see Paul V as a recipient of this): no one ever made a technology that let one person annoy 60 million people, even in one lifetime before, much less in seconds in ease and comfort! But mostly, if people didn't endlessly want something for nothing, this problem (and Las Vegas) wouldn't exist.

I think maybe SPAM volume is at a natural equilibrium point now, and as young people get used to never responding, the traffic will turn the corner downward? Don't know.

I know it's been discussed 10E9 times before, but the IETF probably does best with engineering that's not associated with social engineering. Of course, though, authentication etc mixes who's who, with hows-it-work about 50/50.

PICS though, is a really well intentioned negative example.
Not the first time MIT has made a solution for a non problem few people can figure out; (and... not the last, bless their ferroresonant, buckyball fuelled little hearts).

Regs Dan
The utility of IP, port blocking
Said today:

In a major example of false positives, we already have examples of one real cost of spam. AOL (as one example of many) has declared ranges of IP addresses marked 'residential' as invalid for running a particular application. In this case SMTP, but which app is next? There is a 'guilt by association' presumption here by the operations community, which when carried into other applications results in substantially limited value in the core IP protocol.

About port blocking: I think it's inevitable a class action lawsuit will be tabled that any port must be opened at the same rate/cost restriction structure (or lack of it), as any other.

The concern IP is at least a little at risk for functionality is pretty serious stuff. MPLS might improve this by making only the edges know the applications. But the general principle you pay for X and don't get it because of the actions of others whose behaviours superficially resemble yours is unfair in a way regarded as often actionable.

regs Dan
IAB policy - Spam, etc
Paul Vixie said: a long time ago i warned that the real victim of spam would be openness and that when closed communities with gates started appearing, then we would all know that we had lost the battle. what i failed to predict was how long the losing would last before lost was generally considered obvious. it seems that comcast has determined that it costs them a lot more support expense for a customer who can initiate SMTP than for a customer who can't. they may also have discovered that such customers are willing to pay more. and they have certainly discovered that maps's dul is a voluntary method by which they can reduce or limit their support expenses on customers who are not paying extra for the initiate SMTP service. if you don't believe that comcast ought to have the ability to control how its services are used, then your recourse is the local PUC, and the FCC.

Dan Kolis says: Well, without a voluntary and widely deployed careful, specific, fair policy, eventually opening any socket will (obviously) be a civil right. That is, if you have been enabled for a TCP session; (paid ISP, in school, etc) being denied any service on the basis of its content will be illegal; (at least in countries with civil rights policies). A like freedom of speech thing. This is why companies with differentiated services; (mail relay, MTA's, WWW) should charge less for basic service, have no support, and add QoS etc. And charge a little for everything beyond the basics. (UDP, TCP) This is clumsy but is exactly the dotted line between Value added and basic services the FCC used to regulate ATT. Clumsy, but if the legal system understood technology better, it need not be arbitrary. But, you know, since SPAM kicks this all off as a visible problem... just like direct mail (paper); if no one ever buys anything, or falls for a scam, etc the incentive to create it ceases. Too bad people are well, not too smart.
Regs to all, Dan K Dan Kolis - Lindsay Electronics Ltd [EMAIL PROTECTED] 50 Mary Street West, Lindsay Ontario Canada K9V 2S7 (705) 324-2196 X272 (705) 324-5474 Fax An ISO 9001 Company; SCTE Member ISM-127194 /Document end
The essential non-weirdness of Sony's Playstation PS2
Hi, I happen to have an acquaintance who taught a course in California on writing video games. This code fragment example is *hard* to find and *harder* to believe. With the Playstation PS2 selling 27 boxes a minute worldwide... and game consoles selling 5+ billion $ a year, the box is actually *easy* to program! The below is 100% of the source to make some stars fly by. The point is how totally ordinary this all is. Compiled under Linux with free compilers, yet! Sony has done a good job of making the last step of making a PS2 compliant CD very difficult. But, fooling the box for testing is reasonably easy. And they are not unreasonable about the publishing rights, etc. The below seems completely accessible. A few weird libraries in the includes and that's it! I don't know if you find this as unexpected as I do. I visualized it would take a dozen $100K programs glued together by weirdo good luck code to run. Don't forget this $250 computer has 15 times the throughput of a Pentium at 1 GHz. And an audience that would crawl over broken glass to play. I think the audience on this email reflector might find this interesting. Hope I'm right on that... The author is on the CC line and the leading comments. Thanks for WWW access to this code!

Regards to all, Dan Kolis

// lilplasma.c
// my non-vpu-using first attempt at PS2 graphics.
// inefficient, but pretty!
//
// - [EMAIL PROTECTED]
// (or) [EMAIL PROTECTED]
// to compile:
// cc -o lilplasma lilplasma.c -lps2dev -lm

#include <stdio.h>
#include <stdlib.h>
#include <assert.h>
#include <unistd.h>
#include <signal.h>
#include <linux/ps2/dev.h>
#include <ps2gs.h>
#include <ps2dma.h>
#include <math.h>

static int gsFd = 0;
static ps2_gs_gparam *gsParam;
static ps2_gs_dbuff gsDb;
static ps2_gs_finish gsFinish;

// One GIF packet describing a single Gouraud-shaded triangle:
// a colour register write and a vertex register write per corner.
typedef struct {
    ps2_giftag tag;
    ps2_gsreg_rgbaq rgb0;
    ps2_gsreg_addr rgb0Addr;
    ps2_gsreg_xyz xyz0;
    ps2_gsreg_addr xyz0Addr;
    ps2_gsreg_rgbaq rgb1;
    ps2_gsreg_addr rgb1Addr;
    ps2_gsreg_xyz xyz1;
    ps2_gsreg_addr xyz1Addr;
    ps2_gsreg_rgbaq rgb2;
    ps2_gsreg_addr rgb2Addr;
    ps2_gsreg_xyz xyz2;
    ps2_gsreg_addr xyz2Addr;
} TriPacket __attribute__((aligned(16)));

static TriPacket triPacket;
static int costa[256];
static int t;

void cleanup()
{
    if (gsFd > 0) {
        ps2_gs_close();
    }
}

void draw();
void renderinit();

int main( int argc, char *argv[] )
{
    int frame, field;

    signal( SIGINT, exit );
    atexit( cleanup );
    //triPacket = memalign( 128, 128 );

    gsFd = ps2_gs_open(-1);
    assert( gsFd > 0 );
    gsParam = ps2_gs_get_gparam();
    ps2_gs_vc_graphicsmode();
    ps2_gs_reset( 0, PS2_GS_INTERLACE, PS2_GS_VESA, PS2_GS_FRAME,
                  PS2_GS_640x480, PS2_GS_60Hz );
    ps2_gs_set_dbuff( &gsDb, PS2_GS_PSMCT32, gsParam->width, gsParam->height,
                      PS2_GS_TEST_ZTST_NEVER, PS2_GS_PSMZ16S, 0 );
    *(__u64 *)&gsDb.clear0.rgbaq = PS2_GS_SETREG_RGBAQ( 0,0,0, 0x80, 0x3f80 );
    *(__u64 *)&gsDb.clear1.rgbaq = PS2_GS_SETREG_RGBAQ( 0,0,0, 0x80, 0x3f80 );
    //ps2_gs_put_drawenv( &gsDb.giftag1 );
    ps2_gs_set_finish( &gsFinish );
    ps2_gs_wait_finish( &gsFinish );
    ps2_gs_start_display(1);

    field = 0;
    frame = !ps2_gs_sync_v( 0 );
    renderinit();

    // Double-buffered draw loop, alternating interlace fields.
    while(1) {
        ps2_gs_set_half_offset( frame ? &gsDb.draw1 : &gsDb.draw0, field );
        ps2_gs_swap_dbuff( &gsDb, field );
        draw();
        ps2_gs_wait_finish( &gsFinish );
        frame = !ps2_gs_sync_v( 0 );
        field = field ^ 1;
    }
    return 0;
}

void renderinit( )
{
    triPacket.tag.NLOOP = 6;
    triPacket.tag.EOP = 1;
    triPacket.tag.PRE = 1;
    triPacket.tag.FLG = PS2_GIFTAG_FLG_PACKED;
    triPacket.tag.NREG = 1;
    triPacket.tag.REGS0 = PS2_GIFTAG_REGS_AD;
    triPacket.tag.PRIM = PS2_GS_SETREG_PRIM( PS2_GS_PRIM_PRIM_TRIANGLE,
                                             PS2_GS_PRIM_IIP_GOURAUD,
                                             PS2_GS_PRIM_TME_OFF,
                                             PS2_GS_PRIM_FGE_OFF,
                                             PS2_GS_PRIM_ABE_OFF,
                                             PS2_GS_PRIM_AA1_OFF,
                                             PS2_GS_PRIM_FST_STQ,
                                             PS2_GS_PRIM_CTXT_CONTEXT1,
                                             PS2_GS_PRIM_FIX_NOFIXDDA );
    triPacket.rgb0Addr = PS2_GS_RGBAQ;
    triPacket.rgb1Addr = PS2_GS_RGBAQ;
    triPacket.rgb2Addr = PS2_GS_RGBAQ;
    triPacket.xyz0Addr = PS2_GS_XYZF2;
    triPacket.xyz1Addr = PS2_GS_XYZF2;
    triPacket.xyz2Addr = PS2_GS_XYZF2;
    triPacket.xyz0.Z = 0xFF;
    triPacket.xyz1.Z = 0xFF;
    triPacket.xyz2.Z = 0xFF;
    {
        // Precompute a 256-entry fixed-point cosine table.
        int x;
        for (x = 0; x < 256; x++) {
            costa[x] = (int)(32767.0f * cos((float)x * 3.14159f * 2.0f / 256.0f));
        }
    }
}

void triangle( unsigned char r0, unsigned char g0, unsigned char b0, int x0, int y0,
               unsigned char r1, unsigned char g1, unsigned char b1, int x1, int y1,
               unsigned char r2, unsigned char g2, unsigned char b2, int x2, int y2 )
{
    triPacket.rgb0.R = r0;
    triPacket.rgb0.G = g0;
    triPacket.rgb0.B = b0;
    triPacket.rgb1.R = r1;
    triPacket.rgb1.G = g1;
    triPacket.rgb1.B = b1;
    triPacket.rgb2.R = r2;
    triPacket.rgb2.G = g2;
    triPacket.rgb2.B = b2;
    triPacket.xyz0.X = (gsParam->center_x + x0) << 4
COM? Ho
COM is a failed experiment and needs to be closed and/or eliminated. What about X.400 ??? Regards, Dan
Dislike your Spam for breakfast?
Seems like there is a sort of mail loop or some nasty business on this list. I like my ideas enough to hope to see them repeated here: once. If you get an extra serving. Sorry. It's not me doing it.

Well, if you *never* pay a ransom, you *never* give to a panhandler and you *never* bite at the *FREE for you click here* you attenuate the activity (hostage taking, begging and spam) to non-existence. The problem is on rare occasion, the unsolicited thing is compelling enough so people respond, and of course, this validates it as an activity if it is ultimately a legitimate transaction. As you know, all unsolicited advertising by EMail with a single California target is supposed to begin with a subject line ADV: http://www.spamlaws.com/state/ca1.html

(g) In the case of e-mail that consists of unsolicited advertising material for the lease, sale, rental, gift offer, or other disposition of any realty, goods, services, or extension of credit, the subject line of each and every message shall include ADV: as the first four characters. If these messages contain information that consists of unsolicited advertising material for the lease, sale, rental, gift offer, or other disposition of any realty, goods, services, or extension of credit, that may only be viewed, purchased, rented, leased, or held in possession by an individual 18 years of age and older, the subject line of each and every message shall include ADV:ADLT as the first eight characters.

So, all you need is one more law; (sorry, just one, or amend this one) that anything you get without that filterable warning, you keep for free. Order it with a credit card; (preferably a cancelled one). Send them a perfectly bad check. Break into their building and TAKE it; (Well, if they posted it was free for the taking and they don't send it to you). Promise to take the vice president of the bank of Nigeria to a big dinner, whatever. Keep, eat, wear or smoke what you get. Then cite the law to protect you, and if you're feeling meaner, look over transaction for a bonus charge like Libel. The paper world of mail enclosures has endured this basically and they still fill my porch and mailbox pretty good. Without that recourse, I'd have to use a fork lift, I guess.

But seriously I like crypto and use it a lot. I think this is the rare case of a technology driven problem, which is only a minor problem, but still, has no clear technocrat fix.

Yup Dan
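The labelling rule quoted in the message above is mechanical enough to filter on. As an added example (not part of the original post), this Python classifier decodes and unfolds the Subject header, then applies the statute's first-four and first-eight character tests; the category names, the "misplaced-label" class and the sample messages are assumptions constructed for illustration.

```python
import base64
from collections import Counter
from email import message_from_string
from email.policy import default

# Labels exactly as quoted in the statute text above.
ADULT_LABEL = "ADV:ADLT"   # must be the first eight characters
ADVERT_LABEL = "ADV:"      # must be the first four characters


def classify(raw_message: str) -> str:
    """Return 'adult-advert', 'advert', 'misplaced-label' or 'unlabelled'.

    The default policy unfolds continuation lines and decodes RFC 2047
    encoded-words, so the test runs on the subject a reader would see
    rather than on the raw header bytes.
    """
    msg = message_from_string(raw_message, policy=default)
    header = msg["Subject"]
    subject = "" if header is None else str(header)

    # Check the longer label first: every ADV:ADLT subject also starts with ADV:.
    if subject.startswith(ADULT_LABEL):
        return "adult-advert"
    if subject.startswith(ADVERT_LABEL):
        return "advert"
    # Assumption of this example: a label in the wrong case or the wrong
    # position does not satisfy "first four characters", but is worth
    # reporting separately from mail that carries no label at all.
    if ADVERT_LABEL.lower() in subject.lower():
        return "misplaced-label"
    return "unlabelled"


def tally(messages) -> dict:
    """Count how many messages fall into each category."""
    return dict(Counter(classify(m) for m in messages))


def _msg(header_lines: str) -> str:
    # Constructed sample message; the sender address is a placeholder.
    return f"From: sender@example.invalid\n{header_lines}\n\nbody text\n"


_ENCODED = base64.b64encode(b"ADV: cheap loans").decode("ascii")

# Constructed samples covering the edge cases a naive raw-header match misses.
SAMPLES = {
    "plain": _msg("Subject: ADV: cheap loans"),
    "adult_folded": _msg("Subject: ADV:ADLT\n members only"),
    "encoded_word": _msg(f"Subject: =?utf-8?b?{_ENCODED}?="),
    "reply_prefix": _msg("Subject: Re: ADV: cheap loans"),
    "lowercase": _msg("Subject: adv: cheap loans"),
    "ordinary": _msg("Subject: Minutes of the working group"),
    "no_subject": _msg("X-Note: constructed sample without a subject"),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:13s} -> {classify(raw)}")
    print(tally(SAMPLES.values()))
```
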
The dismal science meets computer science - The obvious thought experiment
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1

On [EMAIL PROTECTED] Hmmm. Very interesting material here on economics and traffic analysis. I remember when I heard as a young teen Khrushchev and Kennedy agreed and primarily designed Intelsat, that anything upon which those guys agreed with certainty must be wrong. (doesn't really matter who decided this. The point is a framework for a thought experiment about Internet economics). Now, the argument I recall WAY BACK then; (ex post facto to me, but this also doesn't matter), is that the earth was DEFICIENT in that the moon wasn't a good enough natural reflector for unlimited telcom traffic by using it as a reflector. This is the thought experiment I (either) recalled or dreamt up during a discussion. -So- to remedy this deficiency, institutions of a non profit and non discriminatory nature (Intelsat) came to be as an alleged no profit, dogooder driven institution. Of course it got fat, overpriced, arrogant and bad at technology.

The Communications Satellite Act of 1962 was passed and the new organization came into being in March of 1963 with a charter to establish in conjunction with other countries a global communications satellite system to serve the needs of all countries, especially the underdeveloped, and to hopefully, through its creation, contribute to world peace and understanding. http://www.clarkeinstitute.com/lecture4.html

Of course, the underdeveloped world never got anything whatsoever, but an endless expensive committee blundering along for 11 years and subsidizing a lot of probably entertaining travel: http://www.peak.sfu.ca/cmass/issue1/access.html Anyway, nothing new there. I leave it to you to decide on the peace and understanding part. Also serve the needs of all countries, is a bit of a hint, too. How about the people in them?

But, *if* the moon allowed reliable low attenuation telecom; (or if the atmosphere simply permitted it by some other physical law unmediated by humans). It's nearly impossible to understand if Internet would be sustainable. Without a rare resource; (transponder, fiber, etc) to allocate via a cost, it's possible the initial anarchy would yield to some licensing system; but whatever system it would be would still leave it brutally overutilized and barely functional. And investment to make alternatives would be impoverished, as they would always face the prospect of competing with a free system. The only reserved parking spot carefully considered is the *last* spot. Now in the book Technologies of Freedom; the mighty intellect of Ithiel de Sola Pool is even stuck on resolving much of this.

Now; you PROBABLY EXPECT SOME ALLEGED MASTER PLAN insert here from a smarty pants guy like me, but, ah no. Instead the possibility Global Crossing, Worldcom, etc fiber operators will operate the businesses without replacing / sustaining the investment, and the emergence of Low Earth orbiting satellites carrying TCP/IP for next to nothing; (or nothing as part of some value added package). Is going to happen. The reference condition for any theory of telecom should be that transport itself doesn't cost anything, and it's all still sustainable. This has hints in it: http://www.isen.com/ AKA the rise of the stupid network. (1) But the reference condition is a network so stupid it's: infinite in bandwidth, instant, 100% available, secure, and free.

We first encountered this formulation in the September 2001 issue of Roxane Googin's High Tech Observer. She wrote, The perfect network is perfectly plain, and perfectly extensible. That means it is also the perfect capital repellant, [which] implies a guaranteed loss to network operators, but a boon to the services on the 'ends'. http://netparadox.com/

I promised no master plan, but it seems like it's at least possible to have an endless stack of value added services absorb the infrastructure costs. Maybe there should be a structural floor for all the infrastructure services, and it simply be replacement at life end for the hardware? I don't know. When Atomic energy was proffered, it was going to be electricity too cheap to meter, so this reductio ad absurdum tends to show up; and when done on a large scale (aka California power), hurt people. Sometimes, I wish I hadn't napped quite so much in economics class, sometimes. (But the room was always so darn warm) !

Regards, Dan

-BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.2 for non-commercial use http://www.pgp.com iQA/AwUBPZjvs39JwDiUknlyEQJssACg1PIsvGInVXFjAM3JDXWQFlcmcRIAnihi KLRKHlazq57TnvrBTY922cew =CC3l -END PGP SIGNATURE-
Bernie Ebbers - Worldcom
Hi, It's just my not too humble opinion, but I think Bernie E at Mci/Worldcom is getting kicked in the ass too hard by congress and the investment community. Same with 360. Some dude busy chasing interns through the halls of congress and the people at SP are unhappy. Ok. But, there are fiber Erbium Amplifiers on the floor of the ocean carrying Gigabits of messages a second; (including this one). They're *not* there without some scary risk taking. Maybe they need some community college classes in accounting, I don't know. I'm *not* saying 360 and Worldcom CEO's and so on are super heroes but, for one thing, there is real value in the big pipes. The general public thinks this is Enron II. It's completely different.

Yea, off topic, but it affects this community, Dan (KL: This was sent to the Internet Engineering Task Force reflector)

Dan Kolis - Lindsay Electronics Ltd [EMAIL PROTECTED] 50 Mary Street West, Lindsay Ontario Canada K9V 2S7 (705) 324-2196 (705) 324-5474 Fax (705) 879-8257 CELL An ISO 9001 Company; SCTE Member ISM-127194 /Document end
Dynamic DNS - The dark side
Geoff Huston [EMAIL PROTECTED] said: The essence of the architecture of mobility is to allow the identity of the mobile device to remain constant while allowing the identity of the location of the device within the network to vary. The dynamic DNS approach attempts to bind the domain name as the device's persistent identity and allows the current IP address to equate to the device's current location. Obviously, as already pointed out, the restriction here is that the device cannot support persistent state across location changes, but worse, as far as I can tell, is that it is an approach that has poor scaling properties.

Dan K (hey that's me) says: Well, I'm working on a residential gateway with some novel features and one rule for cable tv is: No changes to the CMTS headend at all. But the urge to have some DNS faking software is *very* hard to avoid. Takes some sort of trivial case like the redirect for http. Yes, sure there's a temporary and permanent redirect. Do you trust some *unnamed company*'s software to execute this, or would you rather snag it, fake it, and know it works. Problem is, if there isn't some trust in the technology of the infrastructure, ultimately internet will start to unravel. I think we should avoid conversion to the dark side and trust the protocols, etc. And that means mostly not making dynamic entries appear in the DNS. Maybe just means reading the RFCs in more detail and assuming on occasion some peoples non conforming software will strand them on occasion.

Regs to all, Dan

Dan Kolis - Lindsay Electronics Ltd [EMAIL PROTECTED] 50 Mary Street West, Lindsay Ontario Canada K9V 2S7 (705) 324-2196 X 268 (705) 324-5474 Fax An ISO 9001 Company; SCTE Member ISM-127194 /Document end
Dynamic DNS - The dark side III
Tony Hain [EMAIL PROTECTED] said: Mobility is not the only reason to use DDNS. Consider the case of Dan's residential gateway. If it provided a consumer-friendly automated DDNS server for a sub-domain delegated to the residence, what are the hard issues? First would be security, but that is reasonably addressed by making the dynamic registrations only possible by devices on the lan side, and by a simple web-based cert mechanism between that device and the ISP DNS infrastructure. This aligns the DDNS trust boundary with the basic service boundary. Second would be getting past the brain-dead perspective that consumer connections to the Internet should not be hosting services. The entire set of peer-to-peer applications is based on the fundamental assumption that a service endpoint can exist anywhere and be found through simple resolution of a name. What are the reasons to do it? First the consumer would have simple consistent access to name resolution for all devices on the home network. Second, they would be able to expose services (peer-to-peer games, appliance diagnostics) that fit directly into the naming framework they are already accustomed to for other Internet services. Third, it scales much more realistically as the infrastructure side only has to support updates based on the attachment frequency of the consumer network, not every device as they power up, or move between subnets. This would also allow for very short TTLs where they make sense without requiring them to be everywhere.

Dan says: Well, this makes me feel better and there is certainly a lot of good thinking in the above. I wonder, though since I know almost nothing about IPNG whether maybe it's handled there better. It seems to me for troubleshooting, it's awfully handy to think of the DNS as more or less static. If the connection that used to be somebody's WWW pointing to their children's playground is instead the sex-with-goats hotline for 20 minutes, it's harder to troubleshoot if everything is dynamic. I'm arguing both sides clearly because it's a subtle tradeoff. The scalability thing is a good point. In my implementation, every house is going to have a WWW server, some with fixed IPs, some just pointed to by a corporate resource, some an intentionally obscure port and (maybe dynamic) DHCP assigned IP, etc. I think Tony is perceiving the DNS process as just another service, not a framework per se. But with the name resolution Internet board, etc, it has a quasi-legal status already. I guess among other things I don't quite get is why if an ISP buys an IP for $0.35 they rerent it for ten times that, per month. I'm rambling. It's a fun topic though.

Regs to all Dan
Utility of dynamic DNS
Randy Bush [EMAIL PROTECTED] suggested a URL about dynamic relocation and the DNS at: http://ops.ietf.org/dns/dynupd/secure-ddns-howto.html It's very interesting and a bit over my head, perhaps. Maybe it's a Friday document!

Why Dynamic Update? Dynamic update proposes to provide a workable solution to the seemingly trivial operation of exchanging data between two computers with known names both visiting a foreign network where we don't know, care or trust the underlying address. This feature has long been available for specific platforms, but a general OS-agnostic method has been lacking.

Especially the crypto components I find pretty complex but one thing I know is that it's *not* a trivial operation. Especially when you start to consider how little you might know about the network you're on. It seems like there must be loopholes all over for intentionally letting your app fail to do a thing so the story of how it failed reveals things that have security implications. Very interesting!

Dan
Bagged cats and DNS elfs
Ed Gerck or Vint Cerf said: Since the cat can, and indeed may, go back to the bag in this case, it seems to be in our best interest to find ways to induce trust without recourse to control (or fear of) as the only solution.

Dan says: Oh. Cats back into the bags? Easier to say than do. I noted a MIT paper and my own current screwing around with a product that fakes DNS entries to live with DHCP IP addresses looking nailed up. Internet is going to get a lot weirder in a deep sense, I think. No matter we in principle is in control. If IP numbers are the holy grail, DHCP is the cat liberating technology.

Dan
Bandwidth? BANDWIDTH! We do (maybe) need more stinking bandwidth
Seemingly of interest specifically to: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]

At 08:57 PM 1/21/2002 -0800, Lixia Zhang wrote: Note I am not saying MPLS is the right solution for the problem. To me the right solution to the above mentioned problem should be a multi-path routing protocol.

Dan K says: Whether it's MPLS and/or QoS or something else it occurs to me intrinsically every extra byte that's not payload also is overhead. That's not saying it's not worth doing, just that it has a cost. Also, Cisco et al are going to do some forklift upgrades here and there, and there are admin costs (eg. testing) to making something new work on a planetary scale.

(1) There should be a model that's like a spanning tree model, weighted for any axis of freedom to make a completely deterministic solution to network routing given different flavors or quality. I worry though it might be a parallel to the bridge of Konigsberg problem. Which either has no deterministic solution; (I can't understand why), or is NP complete. Either is equally bad for a network with a billion people on it! http://thesaurus.maths.org/dictionary/map/word/835

It's right to the philosophy of packet switching versus circuit switching. If you book every hop and it's mostly invariant, you just built a circuit switched system from a packet one. Nobody is going to *stop* anyone from doing that, but it's driven by different goals. For instance, if in 2015 bandwidth went up 100 fold per user, would all the QoS/RSVP etc just be overhead and get turned off? This wouldn't be so bad of a thing. It occurs to me it's pretty complex to say the least. For instance is it ethical to test a path from an application, yet ask for a RSVP circuit as a backup in case congestion kills the higher bandwidth, less certain path? If so it's important the reservation processes have virtually no overhead if not used. Seems like a hard goal. Some infinite spanning process crawling Internet to discover paths and sort of allocate them, that's a piggy thing for sure! And regarding tariffed value added services, very un-internet like indeed.

Regards to all! Regarding (1) seems like a component of that potential NSF process?
Bandwidth? BANDWIDTH. We don't need no stinking bandwidth... we gots labels and a fancy RSVP to fix us up!
[EMAIL PROTECTED] asks in jest: Of course it's true: no amount of QOS can generate any additional bandwidth But is the converse also true?

Seriously though I say: Huh? If it's free... QoS = not having QoS because everybody's app will ask for it. If there is a tariffed QoS service every process will say it has bandwidth even if it doesn't, so as to not turn away business. I think it's a very messy thing in the real world. I think that MPLS might be closer to the mark. I guess I don't know enough about it. You know since certain ports are assoc with certain things like SIP and H.323 etc it's possible to implement differential service categories without inventing anything new. If your firewall is so clumsy it can't stay on the right ports, it *should* punish the site! I bet some really savvy big in company IP clouds do this already.

regs Dan
Cable modem spec(s) sites - lookie here
hi, Cablemodem means you would like info on DOCSIS (Data Over Cable Systems Interface Specs) right!! Well I guess DOCSIS 1.1 is current. Following are the MIBs for DOCSIS:

Hi Probably full specs in PDF (about 800 pages in pieces by ISO layer) at: http://www.cablelabs.org but you have to poke around. Some detailed stuff is at: http://www.scte.org/standards/standardsavailable.html and less detailed stuff is at: http://www.cablelabs.com/about_cl/publications.html If you think how this interacts with the RFC's and ANSI, IEC, CCITT, SCTE, etc it would be unlikely a pickup truck would hold all the 'specs' on paper, so expect to piece together what you need. If you want more help I can try to help (no promises).

good luck Dan K
Cable Co's view: NAT is bad because we want to charge per IP, etc
[EMAIL PROTECTED] said: Of course, cable companies probably won't impose rate limits as long as DSL remains an option, because then they wouldn't be able to claim (inaccurately) that cable gives you more bandwidth than DSL.

At least publicly ... In Canada, several cable carriers put rate limits on the upstream at 14 Kbytes/sec and on the downstream at 2 Mbit/sec. Of course, the service is much slower than that on evenings, but it cannot be faster than that imposed by the rate limits either. What is the real problem is that no cable carrier will actually file their rate limits in their regulated rates before the CRTC. They clearly benefit from the fact that end-users have no way of actually knowing that they are being rate limited. Now that Bell Canada has just filed an economic evaluation demonstrating profitability of providing residential ADSL at $19 CDN ($12-13US) per month, cable carriers in Canada will have no other choice to increase those rate limits or risk losing most of their subs to Bell. That being said, this will only happen if they can survive... Cable carriers have an infrastructure which cannot be used to play the bandwidth game. That's why they're so fond of walled content gardens and free portals. The problem is that in Canada, they won't be able to play that game since higher-speed services over cable is regulated as a telecom service as per CRTC decision 1996-1, something that DN00-185 @the FCC is taking very long to come up to the same conclusions. =Francois=-

Dan K says: We make CATV equipment and both CATV and telco's have practices which reduce bandwidth access. Since not too many people stop by the DOC or FCC offices on the way to work to read a few hundred pounds of dockets, I don't see it really is compelling to document the nasties. Seems like fodder for tort law and class action court cases. But I see your point sneaky is uncool in principle! Bell here allowed (I don't know this is still the case) only a small number of sockets to open, so multiple windows calling port 80 were self blocking. This is an equally devious, technological implementation. It is not obvious it's happening intentionally, that one app stalls while another finishes up. Other cable companies have a back off algorithm such that if you really use a lot of forward bandwidth you get entire slow days...

It's not true you can't have amazing bandwidth on CATV. One system we built gave 622 Meg/Bit/Sec on the top of each city block. The system was just transparent to the Media access interconnect including MBONE. It's *not* commonly done, obviously and it's all about cost. The real complexities are still to come. Is QoS going to be a cost plus service? Does the non-QoS subscriber live with scraps between the QoS people? QoS seems to favor telco technologies, almost circuit switched systems in some ways. I'm being circular in some ways but suggesting all allocation schemes suffer with fairness doctrines. Economics isn't called the dismal science for nothing. Finder's keepers, first come first serve, pay for everything by use, etc all inconvenience somebody. I guess the goals of governments in North America anyway is to somehow configure the marketplace to maximize bandwidth enough to make the fine points disappear, that the playing field gets so close to flat it's very close to ideal. Ithiel de Sola Pool's book; Technologies of Freedom argues that bandwidth should be close to free and only bad policies endlessly interfere. However, as a person making a living off purchases of telecom gear, I suggest there seems to be a lot more mouths to feed when a big pipe is activated than you might imagine. Interesting questions, however.

Thanks Dan
Question about posts on this forum
Hello, Does this email reflector pass through plain text attachments to all? I sort of think it's a strength of the odd email community that it gets off topic *some*. For instance I really found the dialog I just got about 3D teleconferencing interesting and want to post it, but think, Hmmm pretty off topic. My preferred solution is a few lines as open text in the body and then a plain text attachment. What it comes down to is the community of people reading this, for example, are some hardcore technocrats who embrace new technology. All info technology sooner or later will does or must connect to Internet. Internet, is all, obviously. So it's a temptation to share items which are pretty tangential. How about a short post and text attachment? Is that cool? I don't want to be perceived as a weirdo here...

Thanks Dan
3D technology? I'm afraid to ask, but I am too curious not to
Why isn't the Internet and 3D technology used for the IETF meetings ? The Next Generation IPv8 Internet has that. Why is the IPv4 Internet

Ok. MBone or not, Mime type or not, whatever. Is there some 3D imaging thing that actually exists for teleconferencing actual people I don't know about? A holographic Codec for H.323? From the first moment I saw the post, I thought What is this about, actually? If it's nothing, that's cool. If it's something, that's cooler.

Dan
3D technology? An interesting Teleconferencing box thing
This thing is a university type experimental gadget, It's completely irrelevant to this forum, but I would sure like to have one. http://www.evl.uic.edu/research/vrdev.html

On the Internet planning side, I'd guess a three sided box of projection TV's and a camera and whatnot is probably 10 times the BW of a similar routine teleconference. No big new technology required there, just more of the same. There is probably some optical issue just like Stereo tracks can be carried more efficiently as (L+R, L-R) than (L,R) so facing surfaces can share Discrete Cosine Transformations and be compressed together. Hmmm. RTP probably. Anyway, if Nintendo bring one out, a lot of adolescents would get even more sedentary. Oh! the fun people would have with this thing. Too bad there's not one on every corner.

Regards to All, Dan K
802.11B on CATV
Greetings, I'm looking at techniques of moving 802.11B traffic on and off two way Cable TV systems. Most proposals try to avoid any serious store and forward and instead want high response systems which are somewhat coarse. This may gnaw off the leading edge of packets and protract the trailing end of them. Protocol designers generally are savvy to such issues and craft the packet structures with some padding in the front end. Still, very small design errors in the data radios; (eg. a little capacitor here, a shift register master clear there), can radically affect the actual throughput. It depends for instance on whether firmware or entirely hardware has to sort this minor suboptimum issue out. Anyone with issues/ideas or direct experience, please corresp. with me/us if you like.

Thanks Dan
Packet loss graphic - current affairs
Greetings to all, The useful Internet traffic report which sort of graphs ping like info including packet loss, etc shows some network congestion around 19:30 GMT (0 Zulu) about 4 hours wide. I've attached one of the packet loss graphics. For others the URL is: http://www.internettrafficreport.com/ It's fairly simple to interpret but if you want to understand it in depth, read the ancillary text. No engineering organization; (well, maybe *very* future based genetic engineering) can rewire to reduce human hatred and generally unreasonable behavior, but it can make things that work well or poorly. I'd suggest Internet showing generally from these maps to be a letter grade of C. Delays 1:3, no systemic failure. Probably a better showing than other world systems for instance; Air travel in North America, Cellular site congestion, etc. This is just about exactly the level of service disruption experienced here in Ontario, Canada. The IETF subcommittees on emergency traffic... I'd suggest emergency restoration is the essence of the goal as opposed to selective routing. I noted CNN for example went to text only for the heaviest portions; (or tiny graphics), undoubtedly thinking of their bandwidth. Deciding on what constitutes emergency traffic is very subjective, anyway. This problem occurs in phone switches (circuit switched) too. (1) You might use a familiar tool like a chat server normally used for recreation to inform or inquire over a life or death situation, as opposed to a less familiar, never before used resource. I noted in the media those aboard doomed aircraft using cellulars frequently called a named person; (husband, etc) not an emergency service. This may be non-rational, but it fits the scenario (1) above. There's always something to be learning in bad things happening. And bad things will always happen, even without human malice; (earthquakes, etc). So as Internet becomes the fabric of consciousness it does seem worth worrying about the details.
I'd say the Internet community has done somewhat, (if slightly) better than their circuit switched cohorts. Regards, Dan GPL.GIF
Disaster Management medical info HL7
It was said by [EMAIL PROTECTED] earlier today: There has been many disaster happening in the past, like in Turkey, or like in Taiwan earthquake where a submarine cable was cut. I think it is time that the Internet become serious and reliable and that the IETF work on internet and disaster to ensure absolute reliability for emergency services which was not the case for the Vanderbilt Medical Center for example. Can you trust your life on the Internet successfully delivering a piece of information or at least telling you that it was successfully delivered or not? Dan K says: Here in Ontario, Canada in principle there is a socialized medical system, so in theory there should be lots of cooperation. But through my consulting I became exposed to the complete failure of a bizarre failed 'standard' called HL7 for health care information. Read and weep at: http://www.hl7.org/ Despite incredible spending and the best of intentions, there is no information technology across institutions in health care, and it has nothing to do either with will to do it, money, or least of all, Internet. No one trusts what comes out of these systems. Somebody with no understanding of computer science started this thing and in the absence of logic, it's the only game in town. On the other hand, the Vehicle Information Number hierarchy works pretty good. A car gets far better information technology care cradle to grave than a person's life, cradle to E.R. Anyway: I agree Internet technocrats should *try hard* to make it the ultimate 24/7 socket-to-socket system and build protocols that are 1E99+ perfectly reliable. Cryptologically sound, resource efficient, traceable, robust, etc. But some of the baggage from the human experience means lots of things still won't work right. Want to email a X-ray to Mount Sinai Hospital in Baltimore to catch up to some smashed up human being sent there in a vehicle?
http://www.lifebridgehealth.org/sinaihospital/ try to find an email address; (no standard for any of this). Hmmm didn't make the first couple WWW pages. Hey! But 'Fundraising' did! It's all about priorities. I suppose you could try postmaster and they could print it out, tape it together, and wander through the building if they're not out snowboarding. PS: there is a perfectly explicit, tested protocol to encode and decode the image, but no way to figure out to which human being it applies. Maybe technocrats should consider the RFC, BOF's etc as organisational elements are important gifts to the normal badly organized world and spread these techniques better? I'm rambling, sorry. Dan
OAM - Operation, Administration, and Maintenance
Hello, See: Operation, Administration, and Maintenance http://www.cisco.com/univercd/cc/td/doc/product/atm/c8540/12_1/peregrin/sw_confg/op_maint.htm#30838 Good luck. If you didn't get a good overview it will be a crapshoot to write a program to do it. Hmmm, hope the above helps. Let me guess, it's a directive from Marketing -- Hi, I am to design the performance management and fault management for an ethernet gigabit switch. Please can anyone of you share any documents which you are aware of may help me. I have absolutely no idea as to what OAM is and till now I have only worked on routing. What exactly is OAM and any links anybody is aware of? Thanks and Regards, Mary Sheldon
SIP versus H.323 Multimedia teleconferencing iii
Thoughts from Paul as { [EMAIL PROTECTED] } begin with those from myself with { [EMAIL PROTECTED] } Thanks for your thinking. I don't want to overburden this list with items which might best be discussed elsewhere, so if there is a perception this goes on and on, just email me and I'll move it to a more private space. I really appreciate Paul's responses as below. Thank you. In reacting to my comment H.323 has done poorly Paul said: H.323 has not done poorly. In fact, it is the most widely used standards-based call control protocol. The largest chunk of VoIP traffic in the world is carried over H.323-based networks. Even now, H.323 is finding new markets that SIP has only begun to touch. SIP is missing a number of critical components necessary to really make it carrier-class. I wonder how many IP telephony (multimedia conferences featuring voice primarily) are in use. For instance ATT broadband have about 850K broadband (ie CATV) circuit switched phones in the USA. I agree with the above, especially since it has to be the most widely used as it is really the only one that exists at all! I mean it's not, at least at this time, what the computer industry calls a killer app. So, the entire paragraph about this standard did poorly is false and SIP looks like a winner is likewise false. That's not to say that SIP is a failure: it's just that it has not met with the same market success as H.323 (yet-- I suspect it will one day). Definitely, Microsoft is planning to roll it out in XP and that will excite a few people. At the same time, it will put a few companies out of business as Microsoft's SIP proxy will become the defacto-standard. I have not seen pricing, but I would bet it will be extremely inexpensive. Effectively, Microsoft Messenger Version 4.XX running under WIN 2000 or Win XP is essentially free. It's mildly maimed as a strategy. I think this is fair but wonder if it strictly conforms to SIP, as far as that standard is promulgated. poorly is a troublesome term.
I guess, relative to what? When we tried to use it here it worked with minimal effort on one side of our firewall(s). But the effort to support its port usage seemed high. Generally, few firewalls seem able to support the 1024 very abstract port usage H.323 requires. Also, if the computing entities want to help H.323, for instance with RSVP QoS, source routing, etc it's hard for them to know which port is H.323 without snooping at a very low level. I discern this situation I do not know this is true for sure. It's what the various firewall expert(s) have said about H.323 Of course Peter is right the next big thing in this field is 2Q away in time and that's what Microsoft does. The result of this roll-out will force many out of business or force them to change their business strategy. Because the Internet is a poor medium for IP Telephony, many people will not even use it.. just as few used NetMeeting for VoIP. What usage it got was primarily for data capabilities. Of course, there will be some usage, but I suspect that most VoIP traffic will still come from dedicated hardware (IP phones, residential GWs, infrastructure equipment, etc.) Neither of us knows the future, but I think I'm inclined to *not* agree. I think for $0 calling globally millions of PC users will put up with latency, for casual use; (like voice while playing X-Box, PS2 games, etc). Also, the present universe for high speed connections for instance, at home is around 10% (200 kBit/Sec): xDSL, CATV, ISDN. This might be near, but still under critical mass. You're right again in saying many people will not even use it. My issue is the many tens? of millions who will if they can get it to work at all! Supporting H.323 through a firewall is not terribly complex and SIP suffers from the same problem: layer 3 addresses are carried in the application layer. These are quite comparable.
For a more thorough comparison of H.323 and SIP, visit: http://www.packetizer.com/iptel/h323_vs_sip/ Best Regards, Paul The www.packetizer.com site assoc with Paul is an amazing resource in this field. I've spent the last 3 hours reading RFC 2543 on SIP and it seems like it has a lot of heavy duty good thinking in it. I should read the similar H.323 documents. I do cable TV and where I consult that's what we do here in general. Thanks for the info and I am going to read the packetizer site in some detail. regards to all Dan
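An added illustration, not part of the original thread, of the point that SIP carries layer 3 addresses in the application layer: it lists every address embedded in a SIP INVITE and its SDP body and reports which ones no longer match the source address a firewall or NAT sees on the packet. The message, the addresses (192.168.1.10 private, 203.0.113.7 from the documentation range) and the function names are constructed for this sketch.

```python
import ipaddress
import re

# Constructed INVITE from a phone on a private network. Nothing here was captured.
SAMPLE_INVITE = "\r\n".join([
    "INVITE sip:bob@example.com SIP/2.0",
    "Via: SIP/2.0/UDP 192.168.1.10:5060",
    "From: <sip:alice@example.org>",
    "To: <sip:bob@example.com>",
    "Call-ID: constructed-1@example.org",
    "CSeq: 1 INVITE",
    "Contact: <sip:alice@192.168.1.10:5060>",
    "Content-Type: application/sdp",
    "",                                   # blank line ends the SIP headers
    "v=0",
    "o=alice 1 1 IN IP4 192.168.1.10",
    "s=-",
    "c=IN IP4 192.168.1.10",              # where the caller wants media sent
    "t=0 0",
    "m=audio 49170 RTP/AVP 0",            # dynamically chosen RTP port
    "",
])

# A dotted quad that is not part of a longer run of digits and dots.
IPV4 = re.compile(r"(?<![\d.])\d{1,3}(?:\.\d{1,3}){3}(?![\d.])")


def embedded_addresses(message):
    """Return [(location, ip)] for addresses carried inside the SIP payload."""
    head, _, body = message.partition("\r\n\r\n")
    found = []
    for line in head.split("\r\n")[1:]:           # skip the request line
        name, _, value = line.partition(":")
        if name.strip().lower() in ("via", "contact"):
            found += [(name.strip(), ip) for ip in IPV4.findall(value)]
    for line in body.split("\r\n"):
        if line[:2] in ("o=", "c="):              # SDP origin and connection
            found += [("SDP " + line[:2], ip) for ip in IPV4.findall(line)]
    return found


def media_ports(message):
    """Ports announced on SDP m= lines: what a firewall would have to open."""
    body = message.partition("\r\n\r\n")[2]
    return [int(line.split()[1]) for line in body.split("\r\n")
            if line.startswith("m=")]


def stale_after_nat(message, observed_source):
    """Embedded addresses that differ from the source IP seen on the wire."""
    seen = ipaddress.ip_address(observed_source)
    return [(where, ip) for where, ip in embedded_addresses(message)
            if ipaddress.ip_address(ip) != seen]


if __name__ == "__main__":
    # The packet leaves the NAT with source 203.0.113.7, the payload still
    # advertises the private address in four places.
    for where, ip in stale_after_nat(SAMPLE_INVITE, "203.0.113.7"):
        print(f"{where:8} still says {ip}")
    print("media ports to open:", media_ports(SAMPLE_INVITE))
```

A device that only rewrites IP headers leaves all four references untouched, which is why both protocols need help from an application-aware gateway or proxy at the firewall.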
Off season locations
Harald Tveit Alvestrand [EMAIL PROTECTED], [EMAIL PROTECTED] said: actually the cheapest place, hotel-price-wise, to hold IETFs would probably be in a tourist trap on the off-season (the Riviera in October, after all the bathers have gone home, but before the staff leaves the hotel...) I say: For North America Vail, Colorado during the summer is 1/5 the costs of winter. Fly to Denver, take a van for $27 both ways, hotels slightly off Vail; (but still accessible via a free urban bus route, absolutely no reason to rent a car), are cheap. The place has everything. I was impressed with the two public swimming pools with water slides; (Uhmmm, for dogs)! There is an amphitheatre with a glassy lawn and shaded area too. You could have a session outside. Weather is (usually) perfect. Very expensive when the ski thing goes down... Very underappreciated in summer. Dan
URL Resolution in printed matter
Greetings, Some few days ago I posted a question for an opinion, perhaps it was too long? The question is: in the RFC framework would a specification for barcode / machine symbols to URLs be too far afield of IETF mandates? There are some DNS like issues, but not too many. I'm a little surprised a field getting a fair amount of attention seems not to have much pseudo-formal input. Regards, Dan Kolis
Question of applicability, please express an opinion if you have one on this
I've been watching the horror of this barcode URL field evolve for some time. I have intellectual property in this field and do have a stake in it. But, also, it is interesting. If you are not in North America perhaps you haven't heard of this giveaway item called a cuecat. It's a barcode reader for internet access. http://www.google.com/search?q=cuecat Will give you hours of background material, none of which you need to express an opinion. Suffice it to say there are many attempts, both profit and non-profit to make all sorts of printed matter bear machine readable symbols and do things on Internet. Avoiding typing in URL's from magazines is the tip of this big iceberg. Question: Is this too far afield of IETF to consider RFC tracks as a medium? Cuecat is a perfect, bad example of trying to evade creating a real standard and kludging together functionality any old way. I'd suggest the machine readable form have the following properties: 1) Not require (yet permit) redirection, that is, a symbol can point to anything and create "action at a distance" without a 3rd party. 2) Be completely extensible via ASN.1 3) Be human language aware, yet language neutral. I'm considering creating a suite of proposed standards in some detail. Specifically, there is a UDP functionality for redirection much like DNS. It is different enough from DNS it should stand alone. Seems like that *part* is a potential, logical RFC. Other standards might be EIA, ECMA, eventually ANSI blessed, for the interface between the readers and the personal computer(s). On the other hand, an integrated RFC; (more likely three or so of them), might be a single stop shopping experience for the implementor. You can answer via the reflector, or one to one, as you prefer. This kept me up last night for hours tossing and turning. Then I dreamed of alien abduction. Maybe the cuecat company, Digital Convergence, will spend their last 30 Million on a plan to suck me into the mother ship for assimilation?
Thanks for your time; (They aren't making any extra of that, so I appreciate the allocation). Dan Kolis
Balkanize - IDN
Keith Moore [EMAIL PROTECTED] said: People can and will use their own languages on the Internet - in email, on the web, and in domain names, and without regard to their location in either the physical world, the current topology of the network, or the TLD of the host they are using at the moment. Furthermore, a great many people use multiple languages (not necessarily including English) is, so that a given person, host, or subnetwork will often need to exist in multiple (potentially competing) locales at once. Fortunately the IDN group is making very good progress, and I'm confident that consensus around a concrete proposal will soon emerge. Dan K [EMAIL PROTECTED] says: Well, People cope with the flaws reasonably well. The codeset loaded into this email client and OS has a hefty smash of diacritical support. Most languages with a western origin can be represented with some moderate difficulties. A Scientific American article on machine representation showed how uneven the support is, showing some languages really take a beating from word processing in general. The negative example was Farsi, which they illustrated looks tragically bad when machine rendered without specific technology support. The 16 bit attempts for some ideographic languages seems substantially usable. One reason the IDN thing is so daunting is the work arounds are not that bad. For instance, you can embed a backgroundless GIF into a web page and have any ideogram link to a URL. That's nearly ideal in many ways. Storing it as a bookmark, "favorite" whatever, the underlying machine language is barely encountered. If the local Software browser stored the graphic neatly and presented it well, the author would have total freedom to compose an image of any sorts and have it persist indefinitely. Disorderly but functional. That's why I think the work should continue and broaden, and somehow, I don't know how, get more non-technocrats to try this stuff out. Not rush into global piecemeal application.
As of course discussed at length previously, those are reasons to get the protocols perfected in the absence of knowing how to apply them. Subtle work. I'd like to do more of substance other than theorize. I think I will study the concepts behind Unicode this weekend and try to develop a better understanding of that work. Regards to all, Dan Kolis Dan Kolis - Lindsay Electronics Ltd [EMAIL PROTECTED] 50 Mary Street West, Lindsay Ontario Canada K9V 2S7 (705) 324-2196 Phone (705) 324-5474 Fax (888) 326-5654 Pager Anywhere (888) DANKOLIS {Same #) An ISO 9001 Company; SCTE Member ISM-127194 /Document end
Re: Balkanize - IDN ii
Dan Kolis [EMAIL PROTECTED] said: One reason the IDN thing is so daunting is the work arounds are not that bad. For instance, you can embed a backgroundless GIF into a web page and have any ideogram link to a URL. That's nearly ideal in many ways. Keith Moore [EMAIL PROTECTED] said: only if you assume that people "nearly" always get domain names (or things that contain domain names, like email addresses and URLs) from web pages. in practice the contexts in which domain names appear and are transcribed are far more diverse than that. what you are saying, in effect, is that people who don't speak English don't need to be able to transcribe domain names from other contexts. Dan K says: Magazines have absolutely no interest in making it possible to enter URL successfully you find in a printed publication. They insert hyphens, kern, change underlining, all sorts of sins in printing URLs. They have had enough years handling these objects to not mangle them. You're not speaking any language when you select characters and entering them anyway. You're just finding the right buttons to press. I've suggested a regime that has some tricky_to_build slop in it, so you get the same results with or without much attention to detail. This is only in the context of DNS entries. People surely have a right to make stuff look as elaborate as they like, the question is, if they don't do that, do they get punished for what they don't know how to do. General question: Jon Postel got amazing results... Many of the old(er) timers in this business must have talked to him at length about the DNS. What was his take on this sort of thing? Regards, Dan Kolis
Babel and the works of many - IDN
Matt Crawford [EMAIL PROTECTED] said: If the world had asked you or me to design an international language, I think either of us would have done better. Dan Kolis [EMAIL PROTECTED] says: Well in biblical theology; I've heard it goes like this: Everyone on earth (well on the building site for sure) could understand each other, then "God so feared man (details apparently lacking, something about a building project going too well in Babel)", he inflicted suddenly all different languages on them and they screwed up the tower. No wonder it's a hard problem. It's been designed by a supreme being to be difficult! I think more committee members are required. (oh, and something about some other attribute; some dudes in the crowd could understand everyone anyway, and be understood while the others thrashed around, freaked out). Some holy parameter they had. I don't know how you get that accreditation. Makes me think of Douglas Adams's "Babelfish". Regs, "A Babelfish in the ear to you!", Dan Dan Kolis - Lindsay Electronics Ltd [EMAIL PROTECTED] 50 Mary Street West, Lindsay Ontario Canada K9V 2S7 (705) 324-2196 Phone (705) 324-5474 Fax (888) 326-5654 Pager Anywhere (888) DANKOLIS {Same #) An ISO 9001 Company; SCTE Member ISM-127194 /Document end
Example of dns (non) fun iv
Claus said: http://www.déjà.fr/ http://www.deja.fr/ This is really not new at all. Today, we do already have domains that are very similar: foobar.com vs. foo-bar.com vs. foobarr.com vs. ... foobar.com vs. foobár.com is not much different. Claus Dan K says: 1) you're right. With your TLD .de I assume for the moment you also speak German. The difference is what you 'try' when a URL doesn't work. If you tried: http://ßrehct.de and it didn't work you would probably try: http://brehct.de The difference is whether you think the lack of connectivity is a spelling error; foobar versus foobarr, or a systemic misunderstanding. The cause of non connectivity is a new axis of freedom for error. regards, Dan Kolis
Cannot be, those wacky lawyers
And the lawyers would insist that something like: 180.035.069.037 would spell 1-800-Flowers and try to reserve an IP address based on that name. oh, That's ridiculous! Besides, 180.035.069.037 is already taken. It spells "Isotoner gloves" ... everybody knows that. Dan K
Diacritical application in the DNS
Greetings, Martin Duerst [EMAIL PROTECTED] said: It might be usable as a poor man's ASCII equivalent, but I strongly doubt that anybody will want to have it on the Latin side of their name card. Patrik [EMAIL PROTECTED] said: I would, because I know that people in many parts of the world don't know how to enter "sömos" on their keyboard, and if I register the domain "snömos.se", I really want people to be able to get to ...I know that people in many parts of the world don't know how to enter "sömos" on their keyboard, and if I register the domain "snömos.se", I really want people to be able to get to http://www.snömos.se So, if I think it is perfectly all right to have http://www.bq--abzw55tnn5zq.se - - - - - - - - - - - - - - - - - - Dan Kolis [EMAIL PROTECTED] says: Now we are getting down to the nuts and bolts of the feeling something's not too great in this basket of goodies. http://www.snömos.se Conceptually and maybe in some jurisdictions obligates: http://www.snomos.se And the obverse is true. Dealing with even a rudimentary understanding of human factors implies these two have a mapping to each other. So: http://www.snömos.se http://www.snomos.se Entity one Entity two Where the symbol means "common destiny". This is reversible in that one existing creates issues in the real world for the other. In some purely theoretical space, there is no problem at all. This is repaired by: http://www.bq--abzw55tnn5zq.se Being a unique mapping of Entity one. The suggestion Patrik [EMAIL PROTECTED] made to have: http://www.bq--abzw55tnn5zq.se Appear as a pseudonym of Entity one human readable printed correspondence defeats the purpose of having a DNS. A dotted IP address is easier to use and less error prone than a completely non-readable hex dump like entry. 
123.34.56.67 has got to be easier to enter than www.bq--abzw55tnn5zq.se My question to Patrik is, (Q1) when your non diacritical capable (potential) user enters: http://www.snomos.se and hopes for the best, is it ok if they get your site? (Q2) Is it ok if the more savvy user entering this, if they get the same site? http://www.snömos.se (Q3) Are you willing to pay for two domain names to make this happen? The major reason ICANN jumped on internationalizing the DNS is political correctness, not convenience to anyone, including those whose sole or favored language is represented poorly in the existing system. Now, the suggestion has been posed that this is not an IETF or "Internet intelligentsia" issue, and ICANN or whoever can fight the trench warfare; e.g.: battle cybersquatters hoping for entry errors, etc to make it work. Well, some things can't be legislated into functionality, they can just be made to work badly in a different way. For example, the Virginia legislature decided, "for the purposes of Commerce", decided 175 years ago to Fix Pi at 3.1 This did not change the relationship of circumference to diameter. Working with the mapping can be achieved by many methods: 1) Blame non-technocrats for being computer illiterate, and ignore their complaints. 2) Blame non-linguists for being language illiterate, for not understanding the idiosyncrasies of 2500 languages. 3) Make certain things neo-illegal; (UDRP says 'no') to some domain names because other like it exist. Ex. diacritical marks aside, they are 'the same'. 4) Use tort type 'law' to create liability for whoever is Nth (second, third, etc) creating a misunderstanding. 5) Create DNS resolver software, which encodes human misunderstandings and returns IP's based on some hierarchy of likeliness when an Entity (we are already contaminating what constitutes an URN, URL) is not found. 6) Presenting redundancies to users; (as in Patrik's workaround). Give them more to poke with, hoping they get what they want.
via some trial and error. -- I may have missed a coping mechanism above, but it's easy to see a problem with each of those. Since ICANN is such a new agency, the exuberance to "do the right thing" is powerful, and the community should understand the good intentions behind the proclamation. I have thought about this and have a suggested way to proceed which has a pretty slim chance of being applied, (due mostly to timing, the thinking here is probably frozen). If this was suggested early on, it would seem the obvious way to proceed instead of trouble. Anyway, this is it: Dan1) Carry all diacritical marks in non-ideographic languages and make a simple 1:1 mapping to ignore them for comparison purposes. RACE remapping is not used. RR entries can be in any human readable language as well. So for example: This is an existing Icelandic ice cream vendor: http://www.kjoris.is/ Now I risk discomfort for the anti-social act of attaching a 4K gif. Its tiny, sorry to inconvenience y
Example of dns (non) fun
In the present regime, it's not surprising the first below does not resolve and the second does: http://www.déjà.fr/ http://www.deja.fr/ In the proposed regime, it's not obvious what to do from a purely consumer point of view. Verisign's view would be each is completely unique. ICANN's dispute resolution would say they're completely identical and one has to go! But ICANN's resolution makes this problem appear in the first place. Whoops, it's not pretty. Dan K
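An added sketch, not from any of the posts, of the "ignore diacritics for comparison purposes" idea from the "Diacritical application in the DNS" message and of the déjà.fr / deja.fr pair above: names are grouped by a folded comparison key so that look-alike registrations can be found and reviewed. It uses Python's built-in `idna` codec, which emits the later `xn--` Punycode form rather than the RACE `bq--` encoding quoted in the thread; the function names and the folding rule (Unicode NFD with combining marks dropped) are assumptions of this example.

```python
import unicodedata


def fold_label(label):
    """Comparison key for one DNS label: case-folded, combining marks dropped.

    Only letters with a canonical decomposition are folded (é -> e, ö -> o).
    Letters without one are not mapped to a look-alike; case folding alone
    turns the German sharp s into "ss".
    """
    decomposed = unicodedata.normalize("NFD", label.casefold())
    return "".join(ch for ch in decomposed if not unicodedata.combining(ch))


def fold_name(name):
    """Apply fold_label to every label of a domain name."""
    return ".".join(fold_label(label) for label in name.rstrip(".").split("."))


def to_ace(name):
    """ASCII-compatible wire form of a name (built-in IDNA 2003 codec)."""
    return name.encode("idna").decode("ascii")


def collisions(names):
    """Group names that become identical once diacritics are ignored."""
    groups = {}
    for name in names:
        groups.setdefault(fold_name(name), []).append(name)
    return {key: members for key, members in groups.items() if len(members) > 1}


# Names quoted in the thread; the list itself is assembled for this example.
SAMPLE_NAMES = [
    "www.déjà.fr", "www.deja.fr",
    "www.snömos.se", "www.snomos.se",
    "www.kjoris.is",
    "foobar.com", "foo-bar.com", "foobarr.com",
]

if __name__ == "__main__":
    for key, members in collisions(SAMPLE_NAMES).items():
        print(key, "<-", [(m, to_ace(m)) for m in members])
```

On the wire the two members of each group are unrelated names, so any "same entity" treatment has to be applied at registration or in a monitoring job like this one. Hyphen and doubled-letter variants stay distinct because no diacritic is involved.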